47 Commits

Author	SHA1	Message	Date
pqhuy1987	e54a22de0c	[CLAUDE] Domain+App+Infra+Api+FE-Admin+FE-User: S38 G-O4+G-O5+G-O6+G-P1+G-H3 SKELETON full-stack ... Phase 10.3-10.4 SKELETON 5 plan combo finish — Mig 39+40 + BE skeleton 7 module + FE 2 app SHA256 IDENTICAL + 11 menu key. UAT visible end-to-end. ⚠️ SKELETON Phase 1 trade-off rõ: - Status flat 5-state WorkflowAppStatus enum share Leave/OT/Travel/Vehicle - ApproveV2 workflow advance DEFER Phase 11 (Drafter Create OK, Approve flow chưa wire) - LevelOpinions per-module DEFER Phase 11 - LeaveBalance calc + Auto-assign + SLA timer DEFER Phase 11 - CodeGen atomic + MaDonTu/MaTicket gen DEFER Phase 11 - Vehicle catalog + Driver catalog DEFER Phase 11 (free text VehicleLicense) - ItTicketComments thread DEFER Phase 11 (free text Resolution field) Mig 39 (em main solo): 5 entity Workflow Apps schema - LeaveRequest (G-O4, FK LeaveType Hrm Mig 35, ApplicableType=5) - OtRequest (G-O4, FK OtPolicy optional, ApplicableType=6) - TravelRequest (G-O4, reuse ApplicableType=4 Proposal) - VehicleBooking (G-O5, free text vehicle, ApplicableType=7) - ItTicket (G-O6, NO workflow V2 — kanban status flow) Mig 40 (em main solo): Attendance entity (G-P1) - GPS lat/long check-in/out + Source enum Web/Mobile/Device - UNIQUE composite (UserId, AttendanceDate) - WorkHours computed simple diff (NO OtPolicy multiplier yet) BE CQRS (em main solo, single mega ~1100 LOC): - WorkflowAppsFeatures.cs 7 region (5 module Create+List + Attendance CheckIn/Out/GetMonth + HrDashboard) - 7 Controller: /api/leave-requests + /ot-requests + /travel-requests + /vehicle-bookings + /it-tickets + /attendances + /hr/dashboard - Class-level [Authorize] any authenticated - 13 endpoint total FE 2 app (em main solo fallback gotcha #53 risk): - types/workflowApps.ts × 2 SHA256 IDENTICAL 77470e182a15de88 (all DTOs + Status badge) - WorkflowAppsListPage.tsx × 2 IDENTICAL 58139d0301a60ddf — generic declarative KIND_CONFIG handles 4 module (Leave/OT/Travel/Vehicle) - ItTicketsPage.tsx × 2 IDENTICAL d3062de2f54c794c — kanban 5 status column - MyAttendancePage.tsx × 2 IDENTICAL 86da48ae147db012 — GPS check-in/out + tháng calendar - HrmDashboardPage.tsx × 2 IDENTICAL d9c6c12a5a8694f8 — 4 KPI card + gender ratio + status breakdown - Pattern 16-bis 9× cumulative (App.tsx +4 routes + menuKeys +8 const + Layout staticMap +7 entry) - 7 amber banner "Skeleton Phase 1 — full feature Phase 11" rõ ràng UAT Menu seed: +11 const + SeedMenuTreeAsync 8 row (Off_DonTu sub-group + 3 leaf + Off_DatXe + Off_ItTicket + Off_ChamCong + Hrm_Dashboard). DbInitializer Sample workflow seed DEFER (workflows V2 already seeded từ S29+S37 reuse — admin clone tạo riêng per ApplicableType=5/6/7). Verify: - dotnet build PASS 0 error 2 pre-existing warning - dotnet test 130/130 PASS baseline preserve - npm build × 2 PASS clean - SHA256 verify 5 file × 2 app all IDENTICAL Plan G-* progress 11/11 ✅ (100% COMPLETE): ✅ G-H1 (S33) + G-O1 (S34) + G-H2 (S35) + G-O2 (S36) + G-O3 (S37) + ✅ G-O4 + G-O5 + G-O6 + G-P1 + G-H3 (S38 skeleton) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-28 16:19:42 +07:00
pqhuy1987	de1c378279	[CLAUDE] Domain+App+Infra+Api+FE-Admin+FE-User: S37 Mig 37 enum + Plan G-O3 Đề xuất full-stack ... Phase 10.3 G-O3 Đề xuất (Proposal) — Mig 37 enum extend +5 values + Mig 38 Proposal schema + BE CQRS 8 endpoint + FE 2 app SHA256 IDENTICAL. Mig 37 (em main solo): extend ApprovalWorkflowApplicableType enum +5 values ProposalGeneral=4 / LeaveRequest=5 / OtRequest=6 / VehicleBooking=7 / ItTicket=8 cookie-cutter Mig 22 pattern (Up/Down empty — enum mức Domain). Mig 38 (em main solo): 4 entity Proposal (Code DX/YYYY/NNN) + ProposalAttachment + ProposalLevelOpinion (UNIQUE composite PEId+LevelId mirror PE Mig 26) + ProposalCodeSequence (Prefix PK atomic seq). 4 EF Config + 2 DbContext mod. BE CQRS (em main solo ~700 LOC ProposalFeatures.cs sau Implementer truncate phase exploration gotcha #53 5th + 529 Overload): - 4 Header handler (List paged + GetById detail + Create + UpdateDraft owner-OR-admin) - 4 Workflow handler (Submit gen MaDeXuat atomic + Approve UPSERT LevelOpinion advance + Reject + Return) - SERIALIZABLE transaction CodeGen - DTOs nested LevelOpinion với Step+Level metadata JOIN ProposalsController 8 endpoint /api/proposals (List/GetById/Create/Update/Submit/Approve/Reject/Return) class-level [Authorize] + handler-level owner-OR-admin guard. DbInitializer: SeedSampleProposalWorkflowV2Async ~40 LOC seed QT-DX-V2-001 IsUserSelectable=true NOT gated DemoSeed per gotcha #51. SeedMenuTreeAsync +4 row (Off_DeXuat sub-group + 3 leaf). FE 2 app (em main solo + Implementer 529 fail fallback): - types/proposal.ts × 2 SHA256 IDENTICAL 95607052ff1138f2 - ProposalsListPage.tsx × 2 IDENTICAL 603f0d9cf74cd09a — table 6 cột + Status badge + filter - ProposalCreatePage.tsx × 2 IDENTICAL 6aed3a76563dd576 — Form Header card - ProposalDetailPage.tsx × 2 IDENTICAL 3dc229ea8dcc9bc0 — 3 Section + WorkflowActions - Pattern 16-bis 8× cumulative (App.tsx + menuKeys + Layout staticMap 3 entry) Verify: - dotnet build PASS 0 error 2 warning pre-existing DocxRenderer - dotnet test 130/130 PASS baseline preserve - npm build × 2 PASS (fe-admin 14.72s + fe-user 6.40s) - SHA256 verify 4 file × 2 app all IDENTICAL Pattern reinforced cumulative S37: - Pattern 12-bis cross-module mirror 11× (PE V2 → Proposal V2 ApproveV2) - Pattern 16-bis 4-place mirror cross-app 8× - gotcha #53 5th occurrence Implementer mid-exploration truncation + 529 Overload 1× — em main solo fallback proven Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-28 15:51:14 +07:00
pqhuy1987	f45090b654	[CLAUDE] Domain+App+Infra+Api+FE-Admin+FE-User: S36 Plan G-O2 Phòng họp Mig 36 + BE CRUD + FE 2 app ... Phase 10.2 G-O2 Phòng họp BookingCalendar — Mig 36 schema + BE CQRS + FE 2 app mirror cookie-cutter G-H2 HrmConfig pattern. Standalone không depend workflow. BE schema (Mig 36 — em main solo Step 4): - 4 Domain new: MeetingRoom catalog + MeetingBooking header + MeetingBookingAttendee join table N-to-N (NOT JSON per Investigator verdict) + Enums (MeetingBookingStatus 3-state: Confirmed/Cancelled/Completed) - 3 EF Config: UNIQUE Code + composite index (RoomId, StartAt) range query + UNIQUE composite (BookingId, UserId) join - FK strategy: Room→Restrict (preserve history) + Booking→Cascade attendees + User→Restrict (denorm FullName+Email tránh cascade wipe) - Mig 36 3-file rule + ApplicationDbContextModelSnapshot updated + apply Dev+Design DB BE CQRS (~584 LOC — Implementer Case 2): - MeetingFeatures.cs 479 LOC 9 handler: 4 Room CRUD + 5 Booking (List + GetById + Create + Update + Cancel) - SERIALIZABLE transaction overlap check via EXISTS query — throw 409 Conflict "Phòng đã được đặt trong khoảng thời gian này" - MeetingRoomsController 49 LOC + MeetingBookingsController 56 LOC — class-level [Authorize] + Roles="Admin" for write - Application.csproj +Microsoft.EntityFrameworkCore.Relational package (em main fix IsolationLevel overload — Implementer gotcha #53 4th truncation diagnose mid-task) - MenuKeys.cs +4 const (Off_PhongHop sub-group + View/Manage/Book leaf) - DbInitializer +SeedMeetingRoomsAsync 4 sample (PH-A Phòng họp lớn cap=20 + PH-B cap=8 + PHG-501 Giám đốc cap=6 + ONL-1 Online Zoom cap=50) — NOT gated DemoSeed per gotcha #51 INFRASTRUCTURE seed FE 2 app (~1770 LOC × 2 — Implementer Case 2): - types/meeting.ts × 2 SHA256 IDENTICAL (ce0ad9c6d017cde2) — DTO interface mirror - MeetingCalendarPage.tsx × 2 SHA256 IDENTICAL (d6d160ae1e4f2285) ~530 LOC — custom HTML 7-day grid 8h-20h slot, NO FullCalendar dep (~80 KB bundle saved per Investigator verdict alternative) - MeetingRoomsPage.tsx × 2 SHA256 IDENTICAL (ba35a7ef379a5e9c) ~270 LOC — admin catalog CRUD table + Dialog - 4-place mirror Pattern 16-bis 7× cumulative: types + page + App.tsx route + menuKeys + Layout staticMap 3 entry (gotcha #50 silent sidebar drop prevention) Verify: - dotnet build SolutionErp.slnx PASS 0 error 2 pre-existing DocxRenderer warning - dotnet test 130/130 PASS baseline preserve (58 Domain + 72 Infra) - npm build × 2 app PASS 0 TS error (fe-admin 16.91s bundle 1490 KB / fe-user 8.56s bundle 1404 KB, +23 KB gzip both) Pattern reinforced cumulative S36: - Pattern 12-bis cross-module mirror 10× (PE → Contract V2 → Hrm → Office) - Pattern 16-bis 4-place mirror cross-app 7× - Smart Friend Implementer truncation gotcha #53 4th — mitigation tight brief WORK (FE 2 app no truncation, BE truncate diagnose mid only) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-28 15:06:12 +07:00
pqhuy1987	909655c40d	[CLAUDE] App+Api: S35 Plan G-H2 Task 3 — HrmConfig BE CRUD 16 endpoint cookie-cutter ... Pattern 12-bis cumulative 3× (S29 Plan B + Chunk C + S35 G-H2). Mega scaffold mirror Master/Catalogs/CatalogsFeatures.cs 334 LOC pattern → SolutionErp.Application/Hrm/ HrmConfigFeatures.cs 439 LOC. 4 region cookie-cutter cho 4 HRM catalog (LeaveTypes + Holidays + ShiftPatterns + OtPolicies). 16 endpoint qua HrmConfigsController.cs 137 LOC. ## Scope (Implementer Case 2 ~25K spawn) - HrmConfigFeatures.cs 4 region × (DTO + List + Create cmd/validator/handler + Update cmd/validator/handler + Delete cmd/handler) = 4 DTO + 4 List query + 4 Create + 4 Update + 4 Delete handler - HrmConfigsController.cs URL `/api/hrm-configs/{kind}` × {leave-types, holidays, shifts, ot-policies} × 4 verb = 16 endpoint - Authorization: Class `[Authorize]` + write `[Authorize(Roles="Admin")]` 12 attribute (4 × 3 write verb) mirror Catalogs precedent - Conflict check: 8 AnyAsync IsDeleted (4 Create + 4 Update với composite Year+Date Holiday exclude-self via `x.Id != req.Id`) - Validator: 8 AbstractValidator + 44 RuleFor — MaxLength match EF source-of-truth (Smart Friend Implementer caught spec drift, aligned) - HRM entities NO HasQueryFilter (4 vs 9 file Master have it) — explicit `.Where(!IsDeleted)` in List/Conflict-check queries ## Build + Test verify - dotnet build PASS 0 err (2 pre-existing DocxRenderer warning unrelated) - dotnet test 130/130 PASS preserve (BE-only, no FE/test touch) - FE files NOT touched (defer Task 4 G-H2 FE Admin next chunk) - EF Config + DbInitializer + IApplicationDbContext: S34 done, no re-touch ## Pre-commit Reviewer Smart Friend 8× clean cumulative S22+S25+S29×2+S33×2+S35×2 (FE forms + BE CRUD) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-28 09:51:18 +07:00
pqhuy1987	e506cd8135	[CLAUDE] App+Api: S34 Plan 3 Item 3 BE 5 satellite CRUD scaffold (15 endpoint) ... Phase 1.5 Item 3 BE — Implementer Case 2 cookie-cutter 5-entity scaffold mirror parent EmployeeProfile CRUD pattern (Pattern 12-ter NEW saved). New file: Application/Hrm/EmployeeSatelliteFeatures.cs (621 LOC): - 5 region (#region {EntityName}) — WorkHistory/Education/FamilyRelation/Skill/Document - Each region: Create/Update/Delete Command + Validator + Handler - Verify parent EmployeeProfile.Exists pattern AnyAsync(!IsDeleted) - Soft delete IsDeleted=true + DeletedAt=UtcNow + DeletedBy=currentUser - Validator nullable enum IsInEnum().When(HasValue) pattern Modified file: Api/Controllers/EmployeesController.cs (70 → 234 LOC, +15 endpoint): - 5 region × 3 verb (POST/PUT/DELETE) = 15 satellite endpoint - Path per satellite: - /api/employees/{id}/work-history - /api/employees/{id}/education - /api/employees/{id}/family-relations - /api/employees/{id}/skills - /api/employees/{id}/documents - Per-action policy: Hrm_HoSo.Create/Update/Delete (override class-level Read) - BadRequest guard: id != cmd.{EmployeeProfileId|Id} → "ID không khớp" Document satellite metadata-only — file upload IFileStorage body wire defer S35. Verify: - dotnet build PASS (2 warn DocxRenderer baseline, 0 error) - dotnet test 130/130 PASS (58 Domain + 72 Infra baseline preserve, no test add) - Endpoints count: ~154 → 169 (+15) - LOC delta: +785 BE (621 features + 164 controller) Pattern 12-ter NEW (Implementer MEMORY): 5× satellite CRUD scaffold cookie-cutter within-module (different from Pattern 12-bis cross-module mirror). Reusable cho future N-satellite parent (vd Contract attachments, PE quotes, Budget details). Defer S35: - FE inline edit forms 5 satellite section (~1.5h em main solo) - Test bundle satellite CRUD (~30 phút Implementer Case 3) - IFileStorage Document body upload wire (multipart form-data) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 14:56:14 +07:00
pqhuy1987	61e9ce5b3b	[CLAUDE] Domain+App+Api+Tests+FE-Admin+FE-User: S34 Plan 3 Phase 1.5 batch 4 item ... Phase 1.5 backlog G-H1 EmployeeProfile hardening batch (Items 6+2+1+4 of 6). Item 6 — menuKeys FE drift sync × 2 app: - fe-admin add: Catalogs + 4 Catalog leaves + Workflows + Budgets + Bg_List/Create/Pending (10 key) - fe-user add: Budgets + Bg_List/Create/Pending + ApprovalWorkflowsV2 + 2 AwV2 leaf + MenuVisibility + Workflows (8 key) - Cả 2 file giờ identical mirror BE MenuKeys.cs (28 key cumulative) Item 2 — UpdateEmployeeProfileCommand bool→bool? safe partial update: - 3 field IsCommunistParty/IsYouthUnion/IsTradeUnion → bool? - Handler: HasValue check, null = giữ giá trị cũ (Reviewer minor #(b) S33 fixed) - FE không bắt buộc gửi 3 field every PUT — tránh accidental reset Item 1 — EmployeesController per-action policy (gotcha #44 mitigation): - Class-level [Authorize(Policy = "Hrm_HoSo.Read")] — non-admin thiếu Read → 403 - POST [Authorize(Policy = "Hrm_HoSo.Create")] - PUT [Authorize(Policy = "Hrm_HoSo.Update")] - DELETE [Authorize(Policy = "Hrm_HoSo.Delete")] Item 4 — Test bundle Phase 1.5 (+10 [Fact], baseline 120 → 130/130 PASS): - EmployeeCodeGeneratorTests (3 [Fact]) — atomic SERIALIZABLE NV/YYYY/NNNN + first call + sequential increment + year boundary preserve old year - CreateEmployeeProfileCommandTests (4 [Fact]) — Create handler edge case + first profile + duplicate UserId Conflict + soft-deleted Conflict-restore + UserNotFound NotFoundException - ListEmployeesQueryTests (3 [Fact]) — filter + paging logic + status filter + departmentId filter + search by EmployeeCode partial Implementer Case 3 test gen caught spec mismatch (allow new after soft-delete vs throws Conflict-restore) — chose CODE source of truth + renamed test documenting discriminator message branch. Em main verify behavior correct (admin UX khôi phục thay vì tạo mới — explicit flow defer Phase 1.5+). Verify: - dotnet build PASS (2 warn DocxRenderer baseline, 0 error) - dotnet test 130/130 PASS (58 Domain + 72 Infra = +10) - 4 endpoint /api/employees policy wired (gotcha #44 active mitigation) - 4 MEMORY agent updated post-spawn (CICD Run #238 + Implementer test bundle) Deferred Phase 1.5 next batch: - Item 3 Satellite CRUD endpoints (WorkHistory/Education/FamilyRelation/Skill/ Document) + FE inline edit forms — heavy ~2-3h - Item 5 UAT smoke non-admin role verify silent 403 catch — defer post-deploy Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 13:57:08 +07:00
pqhuy1987	ea440da990	[CLAUDE] Domain+App+Api+Infra+FE-Admin+FE-User: S34 Plan 2 G-O1 Danh bạ nội bộ ... Phase 10.2 Văn phòng số — Internal Directory (1 endpoint reuse Users + EmployeeProfiles + Departments, FE card grid avatar/dept/email/phone/Ext). BE Task 1+2 (em main solo): - Application/Office/DirectoryFeatures.cs — GetDirectoryQuery + DirectoryItemDto 12 field LEFT JOIN Users.IsActive + Departments + EmployeeProfiles - Api/Controllers/DirectoryController.cs — GET /api/directory?search=&departmentId= class-level [Authorize] (mọi authenticated NV tra cứu danh bạ nội bộ) - MenuKeys.cs +Off+OffDanhBa const + All[] update - DbInitializer.SeedMenuTreeAsync Off Order=29 + OffDanhBa Order=1 dưới Off FE Task 3 (Implementer Case 2 Pattern 16-bis 4-place mirror cross-app — 5×): - types/directory.ts SHA256 7349d9f64e78 × 2 app IDENTICAL - pages/office/InternalDirectoryPage.tsx SHA256 2aa7e0eed2c8 × 2 app IDENTICAL Card grid responsive 1/2/3/4 col + filter dept dropdown + search input Avatar 14×14 initials gradient PALETTE 6 màu (Pattern 14 Tailwind JIT) EmployeeCode badge + Department emerald badge + email mailto + phone tel Internal phone Ext: amber badge + empty/loading state Vietnamese 100% - App.tsx route /directory × 2 app - lib/menuKeys.ts Off+OffDanhBa const × 2 app - components/Layout.tsx resolvePath staticMap Off_DanhBa:/directory × 2 app (gotcha #50 — 5 places mirror crossapp DON'T MISS) Verify: - dotnet build PASS (2 warn DocxRenderer existing, 0 error) - dotnet test 120/120 PASS (58 Domain + 62 Infra baseline preserve) - npm build × 2 app PASS 0 TS err (fe-admin 1436KB / fe-user 1350KB) Implementer MEMORY Pattern 16-bis reinforced 5× cumulative (S29 Plan CA HF1 + S29 Plan B Chunk D + S33 Plan B G-H1 Task 5 + S34 Plan G-O1 Task 3). Endpoint smoke pending CICD post-deploy Stage 4 (Run #XXX expected ~3m30s). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 13:39:10 +07:00
pqhuy1987	0e191deea5	[CLAUDE] Domain+App+Api+Infra: Plan B G-H1 Task 4+6 — Hrm CQRS 5 endpoint + Permission menu ... Phase 10.1 G-H1 Phase 2 — Task 4 (BE CQRS + REST endpoint) + Task 6 (Permission menu seed) cumulative. Foundation BE side complete cho Hồ sơ Nhân sự module — FE Task 5 + Reviewer Task 7 + CICD verify next. ## Task 4 — BE CQRS + Controller (3 file new, Implementer Case 2) src/Backend/SolutionErp.Application/Hrm/EmployeeFeatures.cs (~450 LOC): - CreateEmployeeProfileCommand + Validator + Handler - Verify User.Id exists qua UserManager.FindByIdAsync - UNIQUE 1-1 check: throw ConflictException nếu User đã có EmployeeProfile - EmployeeCode auto-gen qua IEmployeeCodeGenerator (NV/{YYYY}/{Seq:D4}) - 50+ field assignment từ Command record - UpdateEmployeeProfileCommand + Validator + Handler (mutable fields, UserId+EmployeeCode immutable) - DeleteEmployeeProfileCommand + Handler (soft delete IsDeleted=true) - GetEmployeeProfileQuery + Handler (Include 5 satellite collection) - ListEmployeesQuery + Handler (paged + JOIN Users+Departments, filter Status/DepartmentId/Search) src/Backend/SolutionErp.Application/Hrm/Dtos/EmployeeDtos.cs (~110 LOC): - EmployeeProfileListItemDto (Id, EmployeeCode, UserId, FullName/Email/Department JOIN, Status, Phone, HireDate) - EmployeeProfileDetailDto (full 50+ field + 5 satellite collection) - 5 satellite DTO: EmployeeWorkHistoryDto + EmployeeEducationDto + EmployeeFamilyRelationDto + EmployeeSkillDto + EmployeeDocumentDto src/Backend/SolutionErp.Api/Controllers/EmployeesController.cs (~70 LOC): - 5 REST endpoint: GET list / GET detail / POST / PUT / DELETE - Class-level [Authorize] only Phase 1 (per-action policy Hrm_HoSo_View/Create/ Edit/Delete defer Phase 1.5 per Reviewer recommend) - Route prefix /api/employees ## Task 6 — Permission menu Hrm_HoSo* (em main solo, 2 file mod) src/Backend/SolutionErp.Domain/Identity/MenuKeys.cs (+10 LOC): - +2 const: Hrm root group + HrmHoSo leaf - Update All[] array → SeedAdminPermissionsAsync auto-grant Admin role CRUD src/Backend/SolutionErp.Infrastructure/Persistence/DbInitializer.cs (+4 LOC): - SeedMenuTreeAsync +2 entry: - (Hrm, "Nhân sự", null, 28, "UserCircle") — root group - (HrmHoSo, "Hồ sơ Nhân sự", Hrm, 1, "ContactRound") — leaf - Order=28 between Budgets=27 và Contracts=30+ (no collision) - INFRASTRUCTURE menu seed (NOT gated DemoSeed:Disabled — em main verified outside gate block per gotcha #51 lesson, mirror Plan B Task 3b SeedDemoEmployeeProfilesAsync placement) ## Reviewer ae752c0 verdict: PASS Smart Friend 6× clean - 0 critical, 0 major, 3 minor defer Phase 1.5 (per-action policy + bool partial update + IDateTimeProvider injection) - Cumulative Smart Friend track: S22 #44 + S25 #48 + S29 Plan CA ≥12 + S29 Plan B ApplicableType + S33 Plan C BW clean + S33 Plan B Phase 2 clean - gotcha #51 INFRASTRUCTURE seed gate compliance: ✓ - gotcha #50 Layout staticMap mirror: ✓ (Task 5 commit next) ## Verify - dotnet build: 0 err 0 warn (1.72s) - dotnet test: 120/120 PASS baseline preserved - Endpoint claim verified grep 0 mock marker, 5 mediator.Send real Pattern 12-bis cross-module entity cookie-cutter mirror PE→Hrm reinforced 4× cumulative (S29 Plan B Contract Chunk C + S33 Task 3 entity scaffold + Task 3b seed + Task 4 CQRS). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-26 20:26:44 +07:00
pqhuy1987	ee776d5745	[CLAUDE] Domain+App+Api+FE-User+FE-Admin: Plan AA Chunk A - BE IsUserSelectable filter + menu seed Pe_DuyetNcc_WfView + sidebar widen w-72 xl:w-80 + revert Plan U truncate ... BE changes: - MenuKeys.cs +helper PurchaseEvaluationWorkflowView(typeCode) => "Pe_{typeCode}_WfView" - DbInitializer.cs SeedMenuTreeAsync: - tree.Add LuongDuyet (Order=2 first child) cho 2 type PE - INSERT-only loop -> INSERT-OR-UPDATE-Order (shift existing prod rows Order+1) - Idempotent: skip nếu Order match, UPDATE nếu mismatch - DbInitializer.cs SeedPurchaseEvaluationPermissionDefaultsAsync +WfView leaf cho 7 role Read - ApprovalWorkflowV2AdminFeatures.cs GetAwAdminOverviewQuery +IsUserSelectable bool? = null + handler conditional Where(d => d.IsUserSelectable == ius) - ApprovalWorkflowsV2Controller.cs Overview signature +[FromQuery] bool? isUserSelectable pass-through to mediator (gotcha #44 fix preserved class-level [Authorize] bare) FE Layout changes (mirror 2 app rule §3.9): - fe-user resolvePath regex (List|Create|Pending|WfView) + route /purchase-evaluations/workflow-matrix?type=N - fe-user + fe-admin sidebar w-60 xl:w-72 -> w-72 xl:w-80 (+48/+32px gain) - Revert Plan U S23 t11 truncate × 5 sites (3 fe-user MenuGroup+MenuLeaf+StaticLeaf + 2 fe-admin MenuGroup+MenuLeaf). Keep min-w-0 flex-1 + shrink-0 + title tooltip (no harm). Bro request hiển thị đầy đủ label custom Mig 27 dài. Why: - User UAT request 2026-05-15: thêm menu "Luồng duyệt" trên Danh sách hiển thị ma trận phân quyền workflow V2 admin Designer ghim ra cho user xem trước khi tạo phiếu. Filter IsUserSelectable=true (Mig 25). - Sidebar Plan U S23 t11 truncate hiển thị "..." → bro muốn full label. Widen sidebar +32-48px + bỏ truncate cho phép wrap natural khi cực dài. Verify: - dotnet build SolutionErp.slnx PASS clean 0 err 2 warn pre-existing DocxRenderer - Investigator Pre-A confirm gotcha #44 đã fix permanent từ 2026-05-08 - Reviewer cumulative PASS 0 critical / 0 major / 0 minor blocker Pending Chunk B: FE WorkflowMatrixViewPage.tsx ~215 LOC + types + App.tsx route. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-15 16:34:40 +07:00
pqhuy1987	1727bd5cd9	[CLAUDE] Api Docs: Chunk P1+P3 — HOTFIX Controller TransitionPeBody record missing 3 fields (ROOT CAUSE F1+F2 fail) ... CICD Monitor Run #202 Plan O verify catch CRITICAL caveat: PurchaseEvaluationsController.cs:267 `TransitionPeBody` record CHỈ có 3 fields (TargetPhase, Decision, Comment) — MISSING 3 fields có trong Command record `TransitionPurchaseEvaluationCommand`: - ReturnMode (F1 mode Trả lại) - ReturnTargetUserId (F1 Assignee target) - SkipToFinal (F2 duyệt thẳng Cấp cuối) Mediator.Send line 70 cũng drop 3 field. → FE × 2 app SEND ĐÚNG 7 fields qua `api.post(/transitions)` body (Investigator audit confirm wire OK) → ASP.NET Core deserialization silently DROP 3 fields ở Controller layer → Handler nhận ReturnMode=null + SkipToFinal=false → fallback default Drafter mode + F2 không trigger. Bug present 2 NGÀY PROD từ Mig 28 deploy 2026-05-13 — gây TẤT CẢ F1+F2 wire fail từ FE side. Plan N (S23 t4) + Plan O (S23 t5) fix 5 lookup sites discrimination NHƯNG controller body record bug block flow TRƯỚC KHI đến lookup site. Em main + Reviewer + Implementer + Investigator all MISS bug này xuyên 4 plan vì: 1. Mig 28 Command extend 3 fields (S21 t4) nhưng Controller body NOT extended 2. Plan K K2 add `skipToFinal` 8th param Service nhưng Controller NOT extended 3. Bug silent — no error, no compile fail, no test fail, FE call OK, BE return 204 nhưng handler nhận default args → wrong behavior Plan P fix BE-only ~10 LOC 1 file `PurchaseEvaluationsController.cs`: 1. Add `using SolutionErp.Application.PurchaseEvaluations.Services` cho WorkflowReturnMode enum import (line ~7) 2. Extend `TransitionPeBody` record line 267 thêm 3 fields default: ```csharp public record TransitionPeBody( PurchaseEvaluationPhase TargetPhase, ApprovalDecision Decision, string? Comment, WorkflowReturnMode? ReturnMode = null, Guid? ReturnTargetUserId = null, bool SkipToFinal = false); ``` 3. Update `mediator.Send` line 70 pass 7 fields: ```csharp await mediator.Send(new TransitionPurchaseEvaluationCommand( id, body.TargetPhase, body.Decision, body.Comment, body.ReturnMode, body.ReturnTargetUserId, body.SkipToFinal), ct); ``` Investigator (FE wire audit) verify: - fe-user/src/components/pe/PeWorkflowPanel.tsx:113-124 + fe-admin mirror — api.post send ĐẦY ĐỦ 7 fields qua body - KHÔNG cần fix FE - Mig 28/31 Domain test đã cover handler logic — không cần test mới Verify: - dotnet build SolutionErp.slnx clean (0 err, 2 warn pre-existing DocxRenderer) - dotnet test SolutionErp.slnx **111/111 PASS** unchanged (no regression) Docs update: - docs/STATUS.md Last updated S23 t6 - docs/HANDOFF.md TL;DR S23 t6 ngắn gọn - .claude/agent-memory/cicd-monitor/MEMORY.md drift (Run #202 entry pre-existing) Pattern reinforced cross-project: - Controller body record MUST mirror Command record fields khi Command thêm optional params. Silent drop bug class — không test/build catch được. - Investigator pre-flight audit FE wire trước khi fix BE (Plan P scope verify) tránh em main fix sai assumption. Pending: CICD Monitor verify Plan P deploy + UAT test bro real. Pending Bug 2 F2 đến Phan Văn Chương: verify workflow v14 DB structure sau khi Plan P unblock F2 flow. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-15 13:27:41 +07:00
pqhuy1987	2ea8977d0f	[CLAUDE] Backout: Chunk D — K5 cleanup F2 zombie endpoint + UsersPage column + DTO field ... Reviewer K2 Major #1: PATCH /api/users/{id}/allow-skip-final endpoint Admin tick = NoOp swallow silent (K1 sentinel → confusion UX). Full backout Plan D S22 stack: BE drop (7 files): - UsersController.cs: DELETE PATCH /allow-skip-final endpoint + SetAllowDrafterSkipToFinalBody record - UserFeatures.cs: DELETE SetUserAllowDrafterSkipToFinalCommand + Handler + UserDto.AllowDrafterSkipToFinal field + list/get DTO mapping sentinel-false references - ApprovalWorkflow.cs: REWRITE stale narrative line 78-80 (Reviewer Major #2 Mig 31 semantic) + docstring AllowApproverSkipToFinal line 108 clean stale Users storage ref - PurchaseEvaluationFeatures.cs: REWRITE Command DTO comment line 401 (Reviewer Minor #3) - ApprovalWorkflowConfiguration.cs: APPEND Mig 31 narrative line 22-24 (Reviewer Minor #4) + clean storage move comment line 87 - ApprovalWorkflowV2AdminFeatures.cs: clean DTO comment line 58 stale "F2 xuống User table" - IPurchaseEvaluationWorkflowService.cs + PurchaseEvaluationDtos.cs: clean stale "storage Users.AllowDrafterSkipToFinal" comments FE Admin drop (2 files): - UsersPage.tsx: DELETE "Skip cuối" column + FastForward badge + FastForward import + allowSkipMut mutation hook + FastForward toggle button - types/users.ts: DELETE allowDrafterSkipToFinal field fe-user KHÔNG đụng (no UsersPage admin-only; K6 sẽ handle Workspace Drafter checkbox). FE Designer page KHÔNG đụng (K3 done; 2 stale comment leftover deferred K6). Plan K refactor F2 storage Users → Levels (Mig 31) complete cumulative cleanup. Pattern reusable: post-refactor full cleanup (BE endpoint + Command + DTO + FE column + types + stale narratives) atomic 1 commit thay vì leak zombie state. Verify: - dotnet build production projects 0 err (2 pre-existing DocxRenderer warn) - npm build fe-admin 0 TS err (no new warning) - Grep AllowDrafterSkipToFinal + allow-skip-final + allowDrafterSkipToFinal zero results across src/Backend (excl Migrations history) + fe-admin/src Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-14 23:27:12 +07:00
pqhuy1987	37b51d7f07	[CLAUDE] PurchaseEvaluation: S22+4 Chunk A — BE attachment view endpoint + AdjustBudget command ... Feature 1 (attachment preview): - NEW `GET /api/purchase-evaluations/{id}/attachments/{attId}/view` - Cùng handler download, override `Content-Disposition: inline` để FE nhúng iframe - Permission: same scope GET phiếu (Plan E V2 strict scope) Feature 2 (điều chỉnh ngân sách): - NEW `AdjustPurchaseEvaluationBudgetCommand` + Handler + Validator - NEW `PATCH /api/purchase-evaluations/{id}/budget-adjust` body `{budgetId, budgetManualName, budgetManualAmount}` - Phase + actor scope guard: * DangSoanThao/TraLai → chỉ Drafter của phiếu * ChoDuyet → Approver currentLevel (match ApproverUserId) — V2 only * Admin → bypass tất cả - Audit changelog với diff narrative: "Điều chỉnh ngân sách: link X→Y, số tiền A→Bđ [Drafter/Approver Bước/Cấp/Admin]" - Tách riêng KHÔNG dùng UpdatePeDraft vì Approver scope KHÔNG nên được edit Section 1 fields (TenGoiThau/DiaDiem/MoTa/PaymentTerms) Verify: - dotnet build SolutionErp.slnx — 0 err, 2 warn DocxRenderer pre-existing - Test defer carry Plan C (UAT mode §7) — guard logic critical, ưu tiên cho S23+ Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-13 22:25:49 +07:00
pqhuy1987	60efeeda63	[CLAUDE] Users: Plan D — F2 toggle AllowDrafterSkipToFinal per-user (Mig 29 wire UI) ... BE: UserDto +AllowDrafterSkipToFinal + SetUserAllowDrafterSkipToFinalCommand + Handler + UsersController PATCH /api/users/{id}/allow-skip-final body {allowDrafterSkipToFinal:bool} Policy=Users.Update. FE Admin: User type +allowDrafterSkipToFinal. UsersPage column "Skip cuối" violet FastForward badge + action button toggle mirror bypass-review pattern. fe-user KHÔNG mirror (UsersPage admin-only). Verify: - dotnet build SolutionErp.slnx — 0 err, 2 warning DocxRenderer pre-existing - npm run build fe-admin — pass 638ms Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-13 21:03:27 +07:00
pqhuy1987	ef394f8067	[CLAUDE] Api+App: Chunk B — PATCH /menus/{key} + DTO extend isVisible/displayLabel ... Session 20 turn 7 Chunk B. BE API cho admin Ẩn/Hiện + Đổi tên menu fe-user. DTO (MenuDtos.cs): - MenuNodeDto +IsVisible bool +DisplayLabel string? - MenuItemDto +IsVisible bool +DisplayLabel string? GetMyMenuTreeQueryHandler: - Pass m.IsVisible + m.DisplayLabel vào MenuNodeDto record - KHÔNG filter IsVisible server-side (FE 2 app tự filter — fe-admin render hết, fe-user filter ẩn). Lý do: 1 endpoint serve cả 2 FE. ListMenuItemsQueryHandler: +IsVisible +DisplayLabel trong Select projection. NEW UpdateMenuItemCommand + Validator + Handler (PermissionFeatures.cs): - Body: { Key, IsVisible, DisplayLabel? } - Validator: Key required + max 50, DisplayLabel max 200 - Handler: load MenuItem by Key (NotFoundException nếu missing), set IsVisible + DisplayLabel (whitespace → null normalize), SaveChangesAsync MenusController +PATCH /api/menus/{key}: - [Authorize(Policy = "Permissions.Update")] — reuse policy admin matrix - Body: UpdateMenuItemRequest { IsVisible, DisplayLabel? } - Send UpdateMenuItemCommand qua MediatR - Return 204 NoContent Verify: - dotnet build SolutionErp.slnx — 0 err (1 warn cũ DocxRenderer không liên quan) Pending Chunk C: FE Admin MenuVisibilityPage Pending Chunk D: FE Layout fe-user filter + render displayLabel Pending Chunk E: Docs S20 turn 7 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-11 11:32:25 +07:00
pqhuy1987	2a53107602	[CLAUDE] AwV2: Mig 25 +IsUserSelectable + Designer pin toggle + Workspace filter, bỏ "(clone)" ... Hai yêu cầu UAT 2026-05-08: 1. Bỏ "(clone)" auto-append khi clone version mới — version đã đủ phân biệt. 2. Thêm pin toggle để admin chọn workflows nào cho user pick lúc tạo phiếu. Migration 25 AddIsUserSelectableToApprovalWorkflows: - ALTER ApprovalWorkflows ADD IsUserSelectable bit NOT NULL DEFAULT 0 - UPDATE backfill SET IsUserSelectable=1 WHERE IsActive=1 (giữ behavior cũ cho active versions, archived = false default — admin tự pin nếu cần) BE: - Domain ApprovalWorkflow +property IsUserSelectable - DTO AwDefinitionDto +field - CreateAwDefinitionCommandHandler set default true cho version mới - New SetAwUserSelectableCommand + Handler - API PATCH /api/approval-workflows-v2/{id}/user-selectable (Workflows.Create policy) - DbInitializer SeedSampleApprovalWorkflowsV2Async set IsUserSelectable=true FE Designer (fe-admin): - DefinitionDto +isUserSelectable - Badge amber "Pin Cho user chọn" khi true (cạnh Đang áp dụng/Archived) - Button "Pin/PinOff Ghim cho user / Bỏ ghim" trong action group + mutation toggle - Auto-fill name khi clone: bỏ "(clone)" suffix → giữ nguyên name FE Workspace (fe-admin + fe-user): - approvalWorkflows query filter w.isUserSelectable === true - User dropdown chỉ thấy workflows admin đã pin Verify: dotnet build pass · 81 test pass · npm build × 2 pass · Mig 25 apply LocalDB OK. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-08 19:15:23 +07:00
pqhuy1987	f77ea3828a	[CLAUDE] Fix: ApprovalWorkflowsV2 GET ai authenticated cũng đc — Drafter pick workflow lúc create PE ... Bug UAT 2026-05-08: user Drafter (nv.test) login Workspace tạo phiếu B, dropdown "Quy trình duyệt" empty silent. Sample seed B đã chạy đúng (Designer admin hiển thị sample + clone v02 active) nhưng Workspace empty. Root cause: class-level [Authorize(Policy = "Workflows.Read")] → non-admin role 403 Forbidden khi GET /api/approval-workflows-v2. TanStack Query catch error silent → dropdown empty không có warning. Fix: - Class-level [Authorize] only (any authenticated) - GET inherit class policy (Drafter cần list workflow để pick — read-only) - POST + DELETE giữ [Authorize(Policy = "Workflows.Create")] — admin-only Designer Workflow data không nhạy cảm — chỉ là cấu hình quy trình. Validate ApplicableType match PE.Type ở Create command đã có. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-08 18:45:04 +07:00
pqhuy1987	d250ae4e71	[CLAUDE] PE Inbox: nhận filter approvalWorkflowId + show dropdown cả 2 view ... User báo: - Filter "Tất cả quy trình duyệt" hiện chỉ ở Danh sách → muốn ở cả 2 - Filter chọn quy trình → không thấy phiếu V2 trong Duyệt (Inbox) BE — wire filter vào Inbox: - GetMyPurchaseEvaluationInboxQuery +ApprovalWorkflowId? param - Handler thêm filter `q.Where(x => x.e.ApprovalWorkflowId == awId)` - PurchaseEvaluationsController.Inbox +approvalWorkflowId query param FE (cả 2 app mirror): - PurchaseEvaluationsListPage: bỏ điều kiện `!pendingMe` ở Select dropdown → hiển thị filter quy trình duyệt CẢ Duyệt + Danh sách - Inbox API call: pass approvalWorkflowId từ URL param Verify: BE 0 error · 2 FE builds OK. Test luồng eoffice: 1. Vào "Duyệt NCC > Duyệt" → 2 dropdown filter hiện đầy đủ 2. Chọn 1 quy trình V2 từ dropdown → list filter chỉ phiếu pin quy trình đó 3. Vào "Duyệt NCC > Danh sách" → 2 dropdown vẫn show, filter cũng work	2026-05-08 15:37:03 +07:00
pqhuy1987	9e63e2da10	[CLAUDE] PE: V2-aware Inbox/List + 2 dropdown filter quy trình + trạng thái ... User báo: "Phiếu chưa thấy lên trong danh sách duyệt — chắc do chưa ăn vào flow. Tách thành 2 cái dropdown là list quy trình duyệt và list trạng thái. Debug trước, phân quyền rút gọn lại sau." BE — V2-aware permission + filter (Application/PurchaseEvaluations/ PurchaseEvaluationFeatures.cs): - ListPurchaseEvaluationsQuery +ApprovalWorkflowId? Guid? param + IDOR loose: phiếu pin V2 → mọi authenticated user thấy được (UAT) - GetMyPurchaseEvaluationInbox V2-aware: ResolveV2InboxIdsAsync helper precompute Set<Guid> phiếu Phase=ChoDuyet pin V2 + actor ∈ Cấp hiện tại approvers (CurrentWorkflowStepIndex + CurrentApprovalLevelOrder match Step.Order + Level.Order). Inbox where = eligiblePhases.Contains || v2InboxIds.Contains. eligiblePhases admin +ChoDuyet. - GetById Detail loose: V2 pin → cho non-Drafter xem (skip eligiblePhases check). API Controller: - PurchaseEvaluationsController.List +approvalWorkflowId query param FE — 2 dropdown filter (cả 2 app mirror): - PurchaseEvaluationsListPage: +URL param `awId` filter quy trình - useQuery `approval-workflows-v2-filter` load list V2 active+history theo applicableType=typeFilter (chỉ enabled khi có type) - Render Select riêng "Tất cả quy trình duyệt" (chỉ show !pendingMe vì Inbox dùng API endpoint khác) + Select "Tất cả trạng thái" giữ - Display option: "QT-DN-V2-001 v01 — Tên quy trình" Verify: BE build 0 error · 2 FE builds OK. Test luồng eoffice: 1. Drafter trình phiếu V2 → Phase=ChoDuyet 2. Login NV X (approver Cấp 1) vào "Duyệt NCC > Duyệt" (?pendingMe=1) → phiếu hiện trong list 3. Login NV Y (không phải approver) → list rỗng (đúng spec) 4. Vào "Duyệt NCC > Danh sách" (không pendingMe) → 2 dropdown: - Quy trình duyệt: filter theo workflow specific - Trạng thái: filter theo Phase	2026-05-08 15:18:22 +07:00
pqhuy1987	f6047d5218	[CLAUDE] Workflow: App CQRS + API ApprovalWorkflowsV2 (Chunk B) ... 3 handler MediatR + Validator + Controller cho schema mới Mig 22. Files: - Application/ApprovalWorkflowsV2/ApprovalWorkflowV2AdminFeatures.cs - GetAwAdminOverviewQuery (filter optional ApplicableType) - CreateAwDefinitionCommand + Validator (auto-increment Version theo Code, deactivate active version cùng ApplicableType) - DeleteAwDefinitionCommand (UAT helper — chưa pin nên unconditional) - DTO: AwDefinition/AwStep/AwLevel + TypeSummary - Application/Common/Interfaces/IApplicationDbContext.cs (3 DbSet) - Api/Controllers/ApprovalWorkflowsV2Controller.cs - Route /api/approval-workflows-v2 - GET ?applicableType=N | POST | DELETE/{id} - Reuse policy Workflows.Read/Workflows.Create Verify: build OK 0 error, IApplicationDbContext expose 3 DbSet mới. Next: Chunk C — FE Designer page + route + Layout resolver.	2026-05-08 12:42:03 +07:00
pqhuy1987	83ffabd0b5	[CLAUDE] Api: PATCH /users/{id}/position-level endpoint (Chunk E) ... Endpoint mới mirror SetBypassReview pattern: - PATCH /api/users/{id}/position-level - Body: { positionLevel: int? } (1=NV, 2=PP, 3=TP, null=clear) - Authorize Policy "Users.Update" - Send SetUserPositionLevelCommand qua MediatR PE Workflow Designer admin Create/Get endpoint KHÔNG cần đụng — record DTO `CreatePeWorkflowDefinitionCommand` đã extend với InnerSteps (default null) ở Chunk B, JSON body bind tự động qua existing controller. Verify: dotnet build 0 error 0 warning · 89 test pass (no regression). Pending Chunk F: FE Designer InnerSteps sub-section + UsersPage column "Cấp" + Docs/Skill update (cuối cùng). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-07 18:24:58 +07:00
pqhuy1987	1fc439b978	[CLAUDE] App+Api+FE: Chunk E5 — Budget 2-stage dept approval (mirror PE/Contract) ... Budget complete the trifecta — đồng bộ pattern 2-stage cho 3 module (Contract + PE + Budget) cùng UX cho user khi UAT. BE App: - TransitionBudgetCommandHandler thêm INotificationService + IDateTime DI - Mirror logic 2-stage từ ContractWorkflowService: - actor.DepartmentId != null + KHÔNG admin/system + KHÔNG resume - DeptManager (TPB) hoặc CanBypassReview → Stage=Confirm - Else (NV) → Stage=Review only, BLOCK transition - Upsert BudgetDepartmentApproval (UNIQUE BudgetId+Phase+Dept+Stage) - Block khi !hasConfirm: insert Approval + Changelog + Notify TPB → return early - BudgetDepartmentApprovalFeatures.cs (List query mirror PE/Contract) Api: - BudgetsController endpoint GET /budgets/{id}/department-approvals FE (cả fe-admin + fe-user): - types/budget.ts thêm ApprovalStage const + BudgetDepartmentApproval type - BudgetWorkflowPanel section "Tiến trình duyệt 2-cấp phòng ban": - Group by phase × dept, show Review NV + Confirm TPB - Highlight amber "chờ TPB confirm" + badge fuchsia bypass Note: low-priority cho Budget (ít user duyệt budget per dept) nhưng giữ consistent UX 3 module. Build: BE pass + FE pass cả 2 + 77 test pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-04 13:46:56 +07:00
pqhuy1987	b6f5a16420	[CLAUDE] Infra+App+Api+FE: Chunk E4 — HĐ 2-stage dept approval (mirror PE) ... Mở rộng 2-stage logic từ PE sang Contract workflow (Migration 16 đã có schema): BE Service: - ContractWorkflowService thêm UserManager<User> DI - Mirror logic 2-stage từ PurchaseEvaluationWorkflowService.TransitionAsync Sau policy guard, trước gen mã HĐ: - User.DepartmentId != null + actor không admin/system + KHÔNG resume - DeptManager (TPB) → Stage=Confirm trực tiếp - CanBypassReview=true → Stage=Confirm + IsBypassed=true - Else (NV) → Stage=Review only, BLOCK transition - Insert ContractDepartmentApproval row (UPSERT theo UNIQUE) - Block transition khi chưa có Stage=Confirm: - Insert ContractApproval (FromPhase=ToPhase=fromPhase, [Review NV] comment) - Insert ContractChangelog "đã review, chờ TPB confirm" - Notify TPB cùng dept (UserManager filter DeptManager role) - Return early — phase KHÔNG đổi App + Api: - ContractDepartmentApprovalFeatures.cs (List query mirror PE) - ContractsController endpoint GET /contracts/{id}/department-approvals FE (cả fe-admin + fe-user): - types/contracts.ts thêm ApprovalStage const + ContractDepartmentApproval type - WorkflowHistoryPanel section "Tiến trình duyệt 2-cấp phòng ban": - Group by phase × dept, show Review NV + Confirm TPB - Highlight amber "chờ TPB confirm" khi current phase có Review chưa Confirm - Badge fuchsia "bypass" khi NV.CanBypassReview=true - Insert giữa WorkflowSummaryCard và Lịch sử duyệt - Mirror cả 2 app (rule §3.9) Use case mirror PE: HĐ ở phase DangGopY (P.CCM) — nv.cao (NV) duyệt thì phase KHÔNG đổi (Review only), chờ ccm.tran (TPB) confirm mới sang DangXetDuyet. Build: BE pass + FE pass cả 2 + 77 test pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-04 13:43:05 +07:00
pqhuy1987	3c4931687a	[CLAUDE] App+Api+Docs: Chunk E1 — List endpoint + Bypass-review + Notify TPB + chốt session 8 ... 3 endpoint mới + Notify TPB + Docs update để chốt session 8. Application: - PurchaseEvaluationDepartmentApprovalFeatures.cs (NEW): * ListPeDepartmentApprovalsQuery + DTO PeDepartmentApprovalDto * Join Departments (lấy Name) + lookup Users.FullName denorm cho FE timeline - UserFeatures.cs: SetUserBypassReviewCommand + Handler dùng UserManager.UpdateAsync - IApplicationDbContext: thêm DbSet<User> Users + DbSet<Role> Roles (cần cho lookup) Api: - PurchaseEvaluationsController: GET /api/purchase-evaluations/{id}/department-approvals - UsersController: PATCH /api/users/{id}/bypass-review (Authorize Users.Update) Infra: - PurchaseEvaluationWorkflowService: notify TPB cùng dept khi NV review. Query db.Users.Where(DeptId match + IsActive) → UserManager.GetRolesAsync filter DeptManager → notifications.NotifyAsync. Best effort fail non-critical. Docs: - STATUS.md: Recently Done thêm row session 8 + Phase header update count 52→55 tables, 15→16 migrations, 128→131 endpoints - HANDOFF.md: TL;DR session 8 + 8 cảnh báo session 9 (FE chưa làm, test flow anh Kiệt, smart reject test, lock edit test, ...) - migration-todos.md: Phase 9 done section đầy đủ 3 ràng buộc + pending Chunk E-bis - CLAUDE.md: count 52→55 + migration 16 description - session log: 2026-05-04-1230-chot-session-8-2-stage-dept-approval.md (full report) Verify final: - Build pass 0 warning 0 error - 77 unit test pass (54 Domain + 23 Infra) - Migration 16 applied LocalDB OK + schema verified Total session 8 cumulative: 5 commit per-chunk: - 5fe61cc (A: Migration 16 schema) - 14f3c9f (B: Lock edit guards 17 handler) - 9747f8c (C: Smart reject + Resume 3 module) - a532ba6 (D: PE 2-stage logic) - (current E1: List + Notify + Bypass + Docs) Pending Chunk E-bis (defer cho session 9 sau UAT PE): - FE Workflow Panel hiển thị 2-stage timeline - FE UserManager toggle CanBypassReview - HĐ + Budget 2-stage extension - Tests Phase 3 mini cho 2-stage Service-layer logic Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-04 12:42:47 +07:00
pqhuy1987	5d94bb449a	[CLAUDE] PE: Workflow designer admin UI + Ý kiến 4 phòng ban (P1 Session 5) ... ==== Task 1: PE Workflow Designer admin ==== BE (mirror Contract WorkflowAdminFeatures pattern): - Application/PurchaseEvaluations/PeWorkflowAdminFeatures.cs ~250 LOC: - GetPeWorkflowAdminOverviewQuery → list 2 EvaluationType (DuyetNcc / DuyetNccPhuongAn) với Active + History versions + count phiếu đang dùng - CreatePeWorkflowDefinitionCommand + Validator: auto-increment Version per Code, deactivate Active cũ trong cùng EvaluationType (1 active per type invariant) - DTOs: PeWorkflowStepApproverDto / PeWorkflowStepDto / PeWorkflowDefinitionDto / PeWorkflowTypeSummaryDto / PeWorkflowAdminOverviewDto - Phase validation 1..7 (state thường, không bao gồm 99=TuChoi) - Api/Controllers/PeWorkflowsController.cs: 2 endpoint GET /api/pe-workflows + POST. Reuse policy "Workflows.Read" + "Workflows.Create" (admin chung quyền cho cả 2 nhóm WF). FE: - pages/system/PeWorkflowsPage.tsx ~500 LOC mirror WorkflowsPage: - Landing 2-card grid khi /system/pe-workflows (chưa pick type) - TypePanel khi /system/pe-workflows/:typeCode (DuyetNcc / DuyetNccPhuongAn) - DefinitionCard read-only view với active badge + version + steps + approvers (Role/User chip) - PeWorkflowDesigner dialog: clone từ existing, edit Code/Name/Description, add/remove steps, +Role / +User approvers per step, save → version mới + deactivate cũ - App.tsx route /system/pe-workflows + /system/pe-workflows/:typeCode - Layout đã có resolver PeWf_<Code> → /system/pe-workflows/<code> từ session 3 ==== Task 2: Ý kiến 4 phòng ban PE ==== Domain: - PurchaseEvaluationDepartmentOpinion entity (AuditableEntity) — PEId + Kind + Opinion text + SignedAt + UserId + UserName denorm - PeDepartmentKind enum (PheDuyet / Ccm / MuaHang / SmPm) - PE entity + collection navigation DepartmentOpinions Infrastructure: - PurchaseEvaluationDepartmentOpinionConfiguration EF: UNIQUE(PEId, Kind) — max 1 row per phòng ban per phiếu (UPDATE in-place) - ApplicationDbContext + IApplicationDbContext DbSet - Migration 15 AddPurchaseEvaluationDepartmentOpinions (15 migration total / 52 DB tables) Application: - PeDepartmentOpinionFeatures.cs: UpsertPeDepartmentOpinionCommand (sign=true → set SignedAt+UserId, sign=false chỉ lưu text giữ chữ ký cũ) + DeletePeDepartmentOpinionCommand - DTO bundle update: + DepartmentOpinions list trong PurchaseEvaluationDetailBundleDto - GetPurchaseEvaluationQueryHandler load DepartmentOpinions + KindLabel resolution API: - POST /api/purchase-evaluations/{id}/opinions (upsert) - DELETE /api/purchase-evaluations/{id}/opinions/{kind} FE: - types/purchaseEvaluation.ts: + PeDepartmentKind enum + PeDepartmentKindLabel + PeDepartmentOpinion type + departmentOpinions vào bundle - PeDetailTabs Section "5. Ý kiến 4 phòng ban (sign-off)" — 2x2 grid OpinionBox per kind: - Read mode (readOnly menu Duyệt): hiển thị text + chữ ký - Edit mode: textarea + 2 button "Lưu text" / "Lưu & Ký" - Badge "Đã ký" emerald + tên người ký + ngày khi signedAt != null ==== Task 3: User seed verify ==== Seed `SeedDemoUsersAsync` đã match đúng user list authoritative (5 PRO TPB+NV / 7 CCM TPB+NV / 1 ISO / 1 CEO) từ prior commit. DbInitializer reconcile sẽ tự sync khi API restart. Typo trong list user (soluttions / trương) đã fixed sensibly trong seed. ==== Build verify ==== - dotnet build clean (0 error) - fe-admin TS build pass (1 module mới PeWorkflowsPage) - fe-user TS build pass (PE detail mirror) Total: 8 file mới (BE 4 + FE 1 + Migration 2 + 1 Domain) + 13 file modified. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 11:17:14 +07:00
pqhuy1987	a05c57b081	[CLAUDE] Domain+App+Api: Module Ngan sach (Budget) - 4 bang + workflow simple ... User request: 'Them cho tao 4 bang luu ve ngan sach: Header / Chi tiet / Quy trinh duyet / Lich su thay doi'. Domain (5 file + 1 enum): - Budget (header) — Aggregate root, AuditableEntity. Field: MaNganSach, TenNganSach, Description, NamNganSach, ProjectId FK, DepartmentId?, DrafterUserId, Phase (BudgetPhase 5-state), TongNganSach (sum auto tu Details), SlaDeadline, SlaWarningSent. - BudgetDetail — flat row pattern (GroupCode/GroupName + Item + KhoiLuong/DonGia/ThanhTien). 18,4 precision KhoiLuong, 18,2 money. - BudgetApproval — workflow history (FromPhase/ToPhase/Decision/Comment) - BudgetChangelog — audit log unified (EntityType: Header/Detail/Workflow) - BudgetPhase enum 5 state: DangSoanThao(1) → ChoCCM(2) → ChoCEO(3) → DaDuyet(4) | TuChoi(99) - BudgetPolicy hardcoded (no versioned WF, simple default per user confirm 'tam thoi don gian'): Drafter/DeptManager → CCM → CEO/ AuthorizedSigner. Reject path back to DangSoanThao. Migration 14 AddBudgets: - 4 bang moi: Budgets + BudgetDetails + BudgetApprovals + BudgetChangelogs - Index: Phase+IsDeleted, ProjectId, NamNganSach, SlaDeadline, MaNganSach unique filtered. Cascade delete child. - +2 cot FK ngoai bang (per user 'lien ket ca 3'): * Contracts.BudgetId Guid? + index * PurchaseEvaluations.BudgetId Guid? + index Cho phep doi chieu chi phi HD/PE vs ngan sach goi thau. Application CQRS (BudgetFeatures.cs ~340 line): - CreateBudget + UpdateBudgetDraft + TransitionBudget + ListBudgets (filter Phase/Project/Year + search + paging) + GetBudget bundle (Header + Details + Approvals + Workflow summary) - DeleteBudget (only DangSoanThao/TuChoi) - AddBudgetDetail + UpdateBudgetDetail + DeleteBudgetDetail (auto recompute TongNganSach = sum Details.ThanhTien) - ListBudgetChangelogs Api: BudgetsController 11 endpoint REST /api/budgets: - GET / /{id} /{id}/changelogs - POST / /{id}/transitions /{id}/details - PUT /{id} /{id}/details/{detailId} - DELETE /{id} /{id}/details/{detailId} DbContext + IApplicationDbContext: 4 DbSet new (Budgets/Details/ Approvals/Changelogs). MenuKeys + DbInitializer: 4 menu key (Budgets root + Bg_List/Create/ Pending leaves) seed dau order=27 'Ngan sach' icon Wallet. Auto-grant admin permission via SeedAdminPermissionsAsync (MenuKeys.All). MaNganSach format don gian 'NS-YYYYMM-NNNN' Random.Shared (chua atomic sequence - user said 'tam thoi chua co'). Workflow chua versioned, hardcode BudgetPolicy.Default. Tuong lai admin config qua UI: them BudgetWorkflowDefinition tables tuong tu PE.	2026-04-28 11:37:45 +07:00
pqhuy1987	d1090843a2	[CLAUDE] PE: upload file dinh kem per-NCC (doi chieu bao gia) ... User request: 'cho cac NCC 1,2 va 3 thi cho them cho upload file dinh kem cho tung NCC de co the doi chieu'. Entity PurchaseEvaluationAttachment + PurchaseEvaluationSupplierId nullable da thiet ke san tu migration 12 — gio wire up BE + FE. BE (Application/Api): - PurchaseEvaluationAttachmentFeatures: Upload (multipart + supplierRowId optional) + Download + Delete. Reuse IFileStorage + LocalFileStorage. Validator 20MB + MIME whitelist (pdf/doc/docx/xls/xlsx/png/jpg/webp). - Upload log vao PurchaseEvaluationChangelogs (Attachment + Insert). - PurchaseEvaluationAttachmentDto + them field Attachments vao bundle. - GetPurchaseEvaluationQueryHandler Include(x => x.Attachments) + OrderByDescending(a => a.CreatedAt) projection. - PurchaseEvaluationsController 3 endpoint: POST /attachments (IFormFile + [FromForm] supplierRowId/purpose/note) GET /attachments/{attId}/download (File stream) DELETE /attachments/{attId} - Storage path: wwwroot/uploads/purchase-evaluations/{id}/{attId}_{safeName} FE (fe-admin + fe-user): - Type PeAttachment + PeAttachmentPurpose/Label (QuoteDocument default) - PeDetailBundle.attachments: PeAttachment[] - SuppliersTab thay column Hien thi + Ghi chu bang column File dinh kem (per-NCC upload + list N attachments + download + delete). - SupplierAttachmentsCell component: <input type=file> hidden + [+ Them file] button + inline list attachments voi Paperclip icon + filename (click tai ve) + size + purpose chip + Trash2 delete.	2026-04-24 12:44:08 +07:00
pqhuy1987	a385d70c2e	[CLAUDE] App+Api+FE: Kế thừa HĐ từ phiếu Duyệt NCC (Phase 4) ... BE: - CreateContractFromEvaluationCommand: guard DaDuyet + SelectedSupplier + ContractId=null → tạo Contract draft mới với SupplierId/ProjectId/ DepartmentId kế thừa từ PE. GiaTri = sum(details.thanhTienNganSach). DraftData = PE.PaymentTerms. Gen MaHopDong ngay + pin WorkflowDefinitionId theo ContractType user chọn. Log Changelog cả 2 bảng (Contract + PurchaseEvaluation), link 2 chiều PE.ContractId = contract.Id. - ListApprovedPurchaseEvaluationsQuery: DaDuyet + ContractId=null cho FE picker. - 2 endpoint mới: GET /api/purchase-evaluations/approved-pending-contract POST /api/purchase-evaluations/{id}/create-contract FE: - PeDetailTabs InfoTab: nếu Phase=DaDuyet && !ContractId && SelectedSupplierId → banner emerald + button "Tạo HĐ từ phiếu" → CreateContractDialog (pick ContractType dropdown 7 loại + TenHopDong + bypass CCM flag) - Sau khi tạo → navigate /contracts/{newId} - Mirror fe-user. KHÔNG auto-map PE Details → Contract Details per-type (PE schema ≠ 7 ContractType details schemas — user điền lại sau). PE → Contract link qua FK ContractId cho navigation + history.	2026-04-23 16:58:41 +07:00
pqhuy1987	4678d192e2	[CLAUDE] App+Api: PurchaseEvaluation CQRS + Controller + WorkflowService ... Application (4 file, ~900 lines): - IPurchaseEvaluationWorkflowService + PurchaseEvaluationDtos - PurchaseEvaluationFeatures: Create / UpdateDraft / Transition / List / Inbox / GetDetail (bundle Suppliers+Details+Quotes+Approvals+Workflow) / Delete / ListChangelogs. IDOR filter role-based phase eligibility. - PurchaseEvaluationSupplierFeatures: Add / Update / Remove supplier (N:M Phiếu × Supplier). Block remove nếu còn Quote FK reference. - PurchaseEvaluationDetailFeatures: Add/Update/Delete hạng mục + Upsert/Delete Quote + SelectWinner (set SelectedSupplierId). Infrastructure: - PurchaseEvaluationWorkflowService: policy load pinned definition → guard role + transition rules. Emit Notification drafter khi state-change. Tạo PurchaseEvaluationApproval + Changelog row. Api: - PurchaseEvaluationsController ~15 endpoint: CRUD phiếu, N:M supplier, hạng mục CRUD, Quote upsert, SelectWinner, Changelog list. Route /api/purchase-evaluations. DI: đăng ký IPurchaseEvaluationWorkflowService scoped. Skip MVP: Attachments upload, Admin PeWorkflows designer UI (sẽ phase sau — framework versioned WF table đã sẵn, designer pattern copy từ HĐ).	2026-04-23 16:43:47 +07:00
pqhuy1987	e53cd3a3b2	[CLAUDE] App+Api+FE+Scripts: Edit detail row inline + deps audit helper ... ## Edit detail row inline (BE) 7 typed UpdateXxxDetailCommand handler trong ContractDetailsFeatures.cs — pattern lặp giống Add commands, EnsureContractType guard + log ChangelogAction.Update với summary "Sửa <hạng mục/SP/CV/...>". 7 PUT endpoints trong ContractsController: - PUT /contracts/{id}/details/{thau-phu|giao-khoan|nha-cung-cap|dich-vu| mua-ban|nguyen-tac-ncc|nguyen-tac-dv}/{detailId} ## Edit detail row inline (FE) ContractDetailsTab.tsx refactor: - DeleteBtn → ActionBtns (Pencil + Trash) với onEdit + onDelete callbacks - 7 XxxTable signatures + onEdit prop + pass row data via callback - New EditRowDialog component: * useEffect populate form từ row data khi target thay đổi * Reuse FIELDS_BY_TYPE config + buildPayload (compute thanhTien) * Date field convert ISO → yyyy-MM-dd cho input[type=date] * PUT /contracts/{id}/details/{slug}/{detailId} - Parent state editTarget — open dialog, close khi save thành công Mirror fe-admin (file copy). ## Deps audit helper script scripts/deps-audit.ps1 — chạy thủ công hoặc CI integration: - dotnet list package --vulnerable --include-transitive (BE) - npm audit --audit-level=moderate (fe-admin + fe-user) - Color-coded output (green/red), summary cuối - -FailOnHigh switch để CI gate Skill ref .claude/skills/dependency-audit-erp/SKILL.md (đã có) cho pin constraints + workflow fix. ## Build - BE: dotnet build pass (0 error) - fe-user: tsc + vite pass (11.52s) - fe-admin: tsc + vite pass (577ms) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 15:18:53 +07:00
pqhuy1987	072ad6d014	[CLAUDE] App+Api+FE-Admin: RolesPage CRUD (/system/roles) ... User feedback: /system/roles trỏ tới placeholder "chưa được build" — build trang quản lý 12 role mặc định + custom role admin tự thêm. ## BE — PermissionFeatures.cs 3 command mới: - CreateRoleCommand — Name regex `^[A-Za-z][A-Za-z0-9_]*$` (chỉ chữ/số/ underscore, bắt đầu chữ), throw ConflictException nếu code đã tồn tại - UpdateRoleCommand — CHỈ update ShortName + Description. KHÔNG đổi Name (Identity FK trong UserRoles + WorkflowStepApprover.AssignmentValue + [Authorize(Roles="...")] attr — đổi = data corruption widespread) - DeleteRoleCommand — block 2 trường hợp: * Role thuộc AppRoles.All hardcoded (workflow guard reference) * Còn user assigned (UserManager.GetUsersInRoleAsync count > 0) ValidationException reference fully-qualified để tránh ambiguous với FluentValidation.ValidationException. ## BE — RolesController 3 endpoint mới (POST/PUT/DELETE) — Authorize Admin role. ## FE — RolesPage Table list 12 + custom roles với 5 column (Mã code / Mã viết tắt / Tên đầy đủ / Loại badge / Ngày tạo) + actions Edit/Delete: - Edit dialog: chỉ ShortName + Description editable, Name disabled với hint "Không đổi được sau khi tạo" - Delete: block với toast nếu role mặc định (HARDCODED_ROLES set check client-side trước khi gọi BE — UX faster, BE vẫn double-check) - Create dialog: 3 field Name (regex pattern HTML5) + ShortName + Description - Banner amber warning về Mã code FK constraint - Loại badge: Mặc định (slate) vs Tùy chỉnh (brand) ## FE — App.tsx + import RolesPage + route /system/roles → RolesPage. ## Build - BE: dotnet build pass (0 error) - fe-admin: tsc + vite pass (13.88s) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 14:57:36 +07:00
pqhuy1987	e27c54702a	[CLAUDE] Domain+App+Api: 4 master catalogs cho Details (migration 10) ... User feedback: thêm Master Data cho phần Chi tiết (line items) — autocomplete khi user nhập field thay vì gõ tay free text. ## 4 entities mới (Domain/Master/Catalogs/) | Entity | Bảng | Dùng cho HĐ Detail | |---|---|---| | UnitOfMeasure | UnitsOfMeasure | Tất cả 7 type (DonViTinh) | | MaterialItem | MaterialItems | NCC + Mua bán + Nguyên tắc NCC (MaSP/TenSP) | | ServiceItem | ServiceItems | Dịch vụ + Nguyên tắc DV (MaDichVu/TenDichVu) | | WorkItem | WorkItems | Thầu phụ + Giao khoán (HangMuc/MaCongViec) | Common pattern: Code unique (filter IsDeleted=0) + Name + Category + DefaultUnit + AuditableEntity (soft delete) + IsActive flag. ## Migration 10: AddMasterCatalogs 3-file rule (gotcha #17). Total DB: 32 → 36 tables. Apply LocalDB OK. ## Seed defaults (idempotent — skip per-table nếu có row) - 20 UnitsOfMeasure: m2, m3, kg, tấn, lít, ngc (ngày công), giờ, gói, ... - 15 MaterialItems demo: xi măng PCB40, cát vàng, đá 1x2, thép D10, gạch 4 lỗ, sơn lót, ống PVC... - 10 ServiceItems demo: vận chuyển, bảo trì, tư vấn, kiểm định, vệ sinh... - 15 WorkItems demo: đào móng, đổ bê tông, xây tường, trát, lát gạch, sơn nước, lắp điện, lắp nước, thấm chống... ## CQRS (Application/Master/Catalogs/CatalogsFeatures.cs ~290 dòng) Mỗi catalog 5 handlers (List filter q+category, Create với unique code guard, Update, Delete soft). FluentValidation max length per spec EF. ## Controller (Api/Controllers/CatalogsController.cs) 13 endpoints: - GET /api/catalogs/{units|materials|services|work-items} - POST /api/catalogs/{kind} (Admin role) - PUT /api/catalogs/{kind}/{id} (Admin role) - DELETE /api/catalogs/{kind}/{id} (Admin role) Read open cho mọi role (FE Details add form autocomplete cần list). ## Menu (5 mới) - Catalogs (group, Master parent, order 24, "Library" icon) - CatalogUnits "Đơn vị tính" (Ruler) - CatalogMaterials "Vật tư / SP" (Package) - CatalogServices "Dịch vụ" (Wrench) - CatalogWorkItems "Hạng mục công việc" (ListChecks) Admin auto-grant tất cả CRUD action (qua SeedAdminPermissionsAsync loop MenuKeys.All). ## Build dotnet build BE pass (0 error) ## Note FE admin page CatalogsPage + datalist autocomplete trong Details form sẽ ở commit kế tiếp. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 12:21:39 +07:00
pqhuy1987	e6844553a4	[CLAUDE] App+Api: 7 Details CRUD endpoints + Changelogs query ... ## DTOs (Application/Contracts/Dtos/ContractDetailDtos.cs) - 7 typed DTOs (ThauPhuDetailDto, GiaoKhoanDetailDto, NhaCungCapDetailDto, DichVuDetailDto, MuaBanDetailDto, NguyenTacNccDetailDto, NguyenTacDvDetailDto) — schema 1-1 với Domain entities - ContractDetailsBundleDto — wrapper trả về theo Type, chỉ 1 list có data (FE đọc field tương ứng, tránh polymorphic deserialize phức tạp) - ContractChangelogDto — full audit entry ## CQRS (Application/Contracts/ContractDetailsFeatures.cs) - GetContractDetailsQuery — load bundle, switch theo Contract.Type chỉ query bảng tương ứng (avoid 7 query waste) - 7 AddXxxDetailCommand handlers — typed payload + EnsureContractType guard (throw ConflictException nếu Contract.Type sai) - DeleteContractDetailCommand generic — dispatch xóa theo Type, log change - Tất cả handler call IChangelogService.LogDetailChangeAsync với summary human-readable (vd "Thêm hạng mục: Đào móng") ## CQRS (Application/Contracts/ContractChangelogFeatures.cs) - ListContractChangelogsQuery (read-only) — desc CreatedAt, default top 200 ## Controller (Api/Controllers/ContractsController.cs) 8 endpoints mới: - GET /api/contracts/{id}/details → bundle theo Type - POST /api/contracts/{id}/details/{thau-phu|giao-khoan|nha-cung-cap| dich-vu|mua-ban|nguyen-tac-ncc|nguyen-tac-dv} → 7 typed POST - DELETE /api/contracts/{id}/details/{detailId} → generic delete - GET /api/contracts/{id}/changelogs → list audit entries Build: dotnet pass (0 error) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 10:16:18 +07:00
pqhuy1987	e7e5f2d066	[CLAUDE] Domain+Infra+App+Api+FE-Admin: versioned workflow per ContractType ... User yêu cầu: mỗi loại HĐ có quy trình riêng với admin add roles + users vào từng bước. Khi tạo version mới → HĐ tương lai chạy theo, HĐ cũ giữ version cũ. Domain: - WorkflowDefinition (Code + Version + ContractType + IsActive + Steps) - WorkflowStep (Order + Phase + Name + SlaDays + Approvers) - WorkflowStepApprover (Kind: Role/User + AssignmentValue) - Contract.WorkflowDefinitionId — pinned at creation - WorkflowPolicyRegistry.FromDefinition() — build runtime policy từ DB Infrastructure: - EF config + migration AddVersionedWorkflows (3 table mới) - DbInitializer.SeedWorkflowDefinitionsAsync: v01 per 7 ContractType, steps sinh từ hardcoded WorkflowPolicies (Role approvers). - ContractWorkflowService.TransitionAsync: load pinned WorkflowDefinition → FromDefinition(), fallback cho HĐ cũ không có pin. Application: - CreateContractCommand pin WorkflowDefinitionId = active version cho type - ContractFeatures.Get(id): load pinned def cho workflow summary - WorkflowAdminFeatures: GetWorkflowAdminOverviewQuery (7 types + active + history + ContractsUsingCount), CreateWorkflowDefinitionCommand (validate payload, auto-increment version, deactivate old). Api: - GET /api/workflows trả overview - POST /api/workflows tạo version mới (deactivate old) FE /system/workflows: - Tabs per 7 ContractType, mỗi tab hiện active version + lịch sử - DefinitionCard: steps với badge role/user + SLA + archived indicator hiện "N HĐ còn chạy" cho version cũ - WorkflowDesigner modal: form code/name/desc + danh sách steps (phase/name/SLA) + approvers (+ Role hoặc + User). Drop step ok. Clone từ version hiện tại để tạo v02 có điểm start sensible. - Amber banner: HĐ cũ không bị ảnh hưởng khi tạo version mới Invariants được giữ: - Unique (Code, Version) index - Chỉ 1 version IsActive per ContractType tại 1 thời điểm - Set default sẽ auto xóa override → respect legacy override table - Role-kind approvers drive transition guards; User-kind fallback DeptManager role cho v1 (user-level targeting = iteration 2) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 22:57:41 +07:00
pqhuy1987	5e0f3801a1	[CLAUDE] Move nested-type menu → fe-user; Admin workflow config page ... User clarified: menu loại HĐ 3-level (Danh sách/Thao tác/Duyệt) thuộc fe-user. Admin có page riêng để config quy trình per loại HĐ. fe-admin Layout: - filterForAdmin() drops Ct_* entries (hide nested type menu). - Admin sidebar giờ về lại đơn giản: Dashboard / Master / Hợp đồng (leaf) / Forms / Reports / System. fe-user Layout: - Dynamic menu tree từ /menus/me (thay fixed USER_MENU hardcoded). - Recursive MenuNodeRenderer (top-level expanded, nested collapsed). - resolvePath user-specific: Ct_*_List → /my-contracts?type=X, Ct_*_Create → /contracts/new?type=X, Ct_*_Pending → /inbox?type=X. - filterForUser drops admin-only entries (Master/System/Forms/Reports). - Static USER_FIXED_TOP prepends "Hộp thư" leaf → /inbox. - MyContractsPage + InboxPage đọc ?type=X param, filter client-side. Workflow config (Admin side): - Domain: WorkflowTypeAssignment entity (ContractType → PolicyName override). Registry.ForContractWithOverrides() prefer DB override else default. - Infrastructure: EF config + migration AddWorkflowTypeAssignments, unique index trên ContractType. ContractWorkflowService load overrides dict mỗi transition. ContractFeatures load overrides khi build WorkflowSummaryDto. - Application: GetWorkflowAdminOverviewQuery returns 7 types × current policy + available policies. SetWorkflowAssignmentCommand validate policy name tồn tại; nếu = default thì delete override (no stale row). - Api: GET /api/workflows + PUT /api/workflows/{contractType} với policy "Workflows.Read" + "Workflows.Update". - Menu: new key `Workflows` dưới System, label "Quy trình HĐ". - FE /system/workflows: 7 card per type, dropdown Standard/SkipCcm + 'Đã override' badge khi khác default, phase sequence timeline, explanation banner ở top. Iteration 2 note: admin-authored custom policies. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 22:41:05 +07:00
pqhuy1987	6197c841bb	[CLAUDE] App+Infra+FE-Admin: seed master data + MyDashboard widgets ... Task 1 — Seed master data unblock UAT/demo: - DbInitializer.SeedDepartmentsAsync: 9 departments từ QT-TP-NCC.docx (PM/QS/CCM/PRO/FIN/ACT/EQU/HRA/BOD) — reference data không phải demo. - DbInitializer.SeedDemoMasterDataAsync: 5 demo suppliers (NCC VLXD, NTP Xây dựng, TĐ Hoàng Nam, DV Clean, CĐT Vingroup — covers cả 5 SupplierType) + 3 demo projects (FLOCK01, SkyGarden, Industrial). Chỉ seed nếu tables empty — respect admin's real data khi họ add. Task 2 — Roles CRUD đã có sẵn trong UsersPage (Shield icon button mở dialog gán 12 roles từ AppRoles.cs). Skip. Task 3 — MyDashboard role-specific widgets: - GetMyDashboardQuery (Reports): returns DraftsInProgress (tôi là Drafter + phase soạn thảo), PendingMyApproval (phase eligible role tôi + không phải tôi drafter), DueSoon 24h, Overdue, DraftsTotalValue. - Endpoint GET /api/reports/my-dashboard. - FE MyDashboardRow ở đầu DashboardPage: 4 card hover → navigate. Admin ẩn row nếu tất cả = 0 (ERP noise reduction). 'Đang soạn thảo' + 'Chờ tôi duyệt' clickable → /contracts?filter=... (filter param để wire lần sau; row hiện chưa implement). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 22:06:28 +07:00
pqhuy1987	6bbd894d96	[CLAUDE] App+Infra+Api+FE-Admin: PDF export (LibreOffice headless) ... Pipeline: template.docx → FormRenderer fill placeholders → LibreOffice soffice --headless --convert-to pdf → PDF byte[] → File() stream to browser. Clean-arch split: - Application: IPdfConverter abstraction (swap to QuestPDF/Aspose later without touching caller). - Infrastructure: LibreOfficePdfConverter — shells out to soffice.exe path from config (Pdf:SofficePath, default `C:\Program Files\LibreOffice\program\soffice.exe` on Windows). Per-request temp workDir để tránh filename collision + -env: UserInstallation isolate mỗi conversion (chống "soffice already running" khi concurrent). Timeout 60s (configurable). Best-effort cleanup. Kill entire process tree nếu timeout. - Application: ExportTemplatePdfCommand — reuses existing FormRenderer + pipes bytes through IPdfConverter. Same data dict signature as Render để UI code share. - Api: POST /api/forms/templates/{id}/export-pdf (same JSON body as /render, returns PDF stream). FE: - useExport hook chung cho 2 endpoints (DRY render + export-pdf mutations) - Render dialog thêm nút "Tải PDF" (outline variant) cạnh "Tải file gốc". Disabled khi mutation khác đang chạy. - Hướng dẫn dialog nâng cấp: "file gốc để edit Word/Excel, PDF để in/gửi không chỉnh sửa được". Ops: scripts/install-libreoffice.ps1 — silent MSI install 25.8.6 cho VPS (đã chạy trên prod). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 21:28:31 +07:00
pqhuy1987	166d26c1d8	[CLAUDE] App+Api+FE-Admin: Form template builder (upload + edit + delete) ... Admin giờ có thể quản lý template HĐ hoàn toàn qua UI — không cần dev đụng vào file system hay seed data. BE (FormFeatures.cs + FormsController.cs): - UploadContractTemplateCommand (multipart): validate FormCode (regex [A-Za-z0-9._-]+, unique), file <= 10MB, ext .docx/.xlsx, FieldSpec phải là JSON hợp lệ hoặc null. Ghi file vào wwwroot/templates/{formCode}_{guid:N}.{ext} để tránh collision + path traversal. - UpdateContractTemplateCommand: sửa metadata + FieldSpec + IsActive (không đụng file — chỉ DB). - DeleteContractTemplateCommand: soft delete qua IsActive=false (historical contracts ref template này vẫn resolve). - Endpoints: POST /api/forms/templates (multipart), PUT /api/forms/templates/{id}, DELETE /api/forms/templates/{id}. RequestSizeLimit 12MB (validator caps 10MB). FE (FormsPage.tsx admin): - PageHeader action button "Upload template" mở dialog mới - Row actions: Download (render existing), Pencil (edit), Trash (xóa confirm) thay vì chỉ có 1 nút Render — row hover reveals clearly - Upload dialog: file picker với file: pseudo-element brand styled, FormCode (required, font-mono), Tên, Loại HĐ select, Mô tả, FieldSpec JSON textarea với placeholder example - Edit dialog: same fields minus file (FormCode disabled, edit chỉ cập nhật metadata), có checkbox Kích hoạt - Shared form submit handler — same dialog cho upload (__new) + edit Foundation sẵn cho form builder thật (render UI từ FieldSpec JSON đang là text field — iteration sau sẽ parse + render form dynamic). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 21:15:35 +07:00
pqhuy1987	c8d0070770	[CLAUDE] App+Infra+Api+FE: Attachment upload E2E ... Foundation file-storage: - IFileStorage interface (Application) — SaveAsync/OpenReadAsync/ DeleteAsync/Exists. Future swap cho S3/Azure Blob không đổi caller. - LocalFileStorage (Infrastructure) — resolve Uploads:RootPath từ config, path-traversal guard (resolved full path phải stay in root), tự tạo directory khi save. - DI: singleton (stateless). - Config: dev "uploads", prod "C:\inetpub\solution-erp\uploads". CQRS: - UploadContractAttachmentCommand: validate size <=20MB + MIME whitelist (pdf, doc/docx, xls/xlsx, png/jpg/jpeg/webp). Sanitize filename (strip path components + invalid FS chars + leading dots). Storage path: contracts/{contractId}/{attId}_{safeFileName}. - DownloadContractAttachmentQuery: trả Stream + FileName + ContentType. - DeleteContractAttachmentCommand: best-effort file delete sau DB remove (orphan cleanup job có thể sweep sau). Api: - POST /api/contracts/{id}/attachments — multipart/form-data, field 'file' + form fields 'purpose' + 'note'. RequestSizeLimit 25MB (validator enforces 20MB). - GET /api/contracts/{id}/attachments/{attId}/download — File() stream. - DELETE /api/contracts/{id}/attachments/{attId}. FE ContractAttachmentsSection (both apps, identical): - Drag-drop zone với dragging highlight (brand-500 border + brand-50 bg) - Purpose selector (DraftExport / ScannedSigned / SealedCopy / Other) - List có icon per MIME (FileText/Image/File), filename, metadata (purpose · size · createdAt), download button (fetch blob + trigger browser save với auth header), delete button (confirm dialog) - Empty state hint về use-case ("bản scan HĐ đã ký ở phase In ký…") Integrated vào cả 2 ContractDetailPage — ngay dưới phần comments, trước sidebar lịch sử duyệt. Unblock E2E workflow: users giờ có thể upload bản scan ký (DangInKy), scan đóng dấu (DangDongDau) — phase transitions có bằng chứng thật. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 20:37:35 +07:00
pqhuy1987	49c0ddc8f4	[CLAUDE] App+Domain+Infra+Api+FE: Notifications module end-to-end ... Domain: - Notification entity + NotificationType enum (stable ints) - Nullable RefId cho correlation (contract, user, ...) Infrastructure: - NotificationConfiguration: bảng Notifications, index theo (UserId, ReadAt) - NotificationService: ghi vào DbContext, không SaveChanges (để caller quyết định unit-of-work — đảm bảo atomic với domain mutation) - EF migration AddNotifications Application: - INotificationService (Notify + NotifyMany) - CQRS: ListMyNotifications / GetMyUnreadCount / MarkRead / MarkAllRead Api: - NotificationsController: GET /api/notifications + unread-count + mark-read Integration: - ContractWorkflowService emit notification tới Drafter khi HĐ chuyển phase (skip nếu actor chính là Drafter). Title + type theo phase đích: DaPhatHanh → ContractPublished, TuChoi → ContractRejected, khác → ContractPhaseTransition. FE: - Both NotificationBell (admin + user) dùng /api/notifications thật (thay cho derived-from-inbox MVP trước đó). 30s refetch, click mark-read, 'Đọc hết' bulk action. Foundation sẵn cho SignalR push + email outbox sau này — chỉ cần mở rộng NotificationService mà không đổi caller. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 15:24:09 +07:00
pqhuy1987	11e61c9c39	[CLAUDE] Phase5.1: Security headers + account lockout + Users management ... Security hardening: - Api/Middleware/SecurityHeadersMiddleware MOI: remove server fingerprint (Server, X-Powered-By, ...), add X-Content-Type-Options:nosniff, X-Frame-Options:DENY, Referrer-Policy:strict-origin-when-cross-origin, Permissions-Policy (disable geolocation/mic/cam/payment), X-Permitted-Cross-Domain-Policies:none, CSP (default-src 'self' + img data: + style inline for Tailwind + frame-ancestors 'none'). Skip CSP tren /swagger (dung inline script). - Program.cs wire UseMiddleware SecurityHeadersMiddleware first in pipeline - Infrastructure/DependencyInjection Identity options: - Password.RequiredLength config-driven (Identity:Password:RequiredLength, default 8 dev, override 12+ prod) - Lockout: DefaultLockoutTimeSpan (15min), MaxFailedAccessAttempts (5), AllowedForNewUsers=true — all config-driven - LoginCommandHandler: IsLockedOutAsync check truoc → throw voi deadline message, AccessFailedAsync khi sai password, ResetAccessFailedCountAsync khi login thanh cong Users management: - Application/Users/UserFeatures.cs: 8 CQRS (ListUsersQuery paging+search, GetUserQuery, CreateUserCommand + Validator, UpdateUserCommand voi self-disable protection, AssignRolesCommand voi self-demote protection (khong tu go Admin), ResetPasswordCommand (invalidate refresh token + unlock), UnlockUserCommand) - UserDto: Id, Email, FullName, IsActive, IsLocked (computed tu LockoutEnd), CreatedAt, Roles - Api/Controllers/UsersController: 7 endpoint (Users.Read/Create/Update policies): - GET / (list paged), GET /{id}, POST /, PUT /{id}, PUT /{id}/roles, POST /{id}/reset-password, POST /{id}/unlock - using alias ValidationException = Application.Common.Exceptions.ValidationException (fix ambiguity voi FluentValidation) Frontend fe-admin: - types/users.ts MOI: User type + AVAILABLE_ROLES 12 role (match BE AppRoles.cs) + RoleLabel Vietnamese - pages/system/UsersPage.tsx MOI: - DataTable columns: Email (mono), FullName, Roles (badge chips voi Vietnamese label), IsActive (CheckCircle/XCircle), IsLocked (KeyRound red), CreatedAt - Actions per row (PermissionGuard Users.Update wrap): Gan role (Shield icon → Dialog grid 12 checkbox), Reset password (KeyRound → Dialog voi warning user se bi logout), Unlock (Unlock icon, chi hien khi isLocked), Toggle active (XCircle/CheckCircle) - Create user dialog: email + fullName + password (min 8) + grid 12 role checkbox - Route /system/users vao App.tsx E2E verified: - Security headers present tren moi response (check qua curl -I) - POST /api/users voi roles: [Drafter] → 201 + id - GET /api/users → paged voi 2 user (admin + new test.drafter) - TS check fe-admin → pass - dotnet build → 0 errors Docs: - docs/STATUS.md: Phase 5.1 xong, cumulative BE 3700 LOC, 42 endpoints, 17 FE pages - docs/HANDOFF.md: phase table update row Phase 5.1, last updated timestamp - docs/changelog/migration-todos.md: tick 6 items Phase 5.1 + 4 items remaining (IDOR, deps scan, admin warning, Roles CRUD) - docs/changelog/sessions/2026-04-21-1630-phase5-1-security-users.md: session log Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> EOF	2026-04-21 13:06:46 +07:00
pqhuy1987	f3fb3fd565	[CLAUDE] Phase5 prep: production infra + deploy scripts + 4 guides + FE refresh token ... Backend production infra: - Packages: Serilog.Sinks.File, HealthChecks.EntityFrameworkCore (RateLimiting built-in .NET 10) - appsettings.Production.json MOI: placeholder __SET_VIA_SECRETS__, AllowedOrigins, Serilog File sink rolling daily retention 30d, RateLimit config - appsettings.json + Development.json: them Serilog WriteTo Console - Program.cs REWRITE: - Serilog ReadFrom.Configuration (prod file / dev console) - Rate limiter: policy auth-login 5/min/IP (AuthController.Login) + GlobalLimiter 300/min/IP - Health checks: /health/live liveness (empty predicate) + /health/ready DB probe (AddDbContextCheck) - HSTS production 1 year - CORS origins from config AllowedOrigins (default dev 2 localhost) - AuthController.Login gắn [EnableRateLimiting("auth-login")] Deploy scripts: - scripts/deploy-iis.ps1: stop pool → backup current → clean+extract artifact → start pool → health check loop 30s timeout → rollback instruction if fail - scripts/backup-sql.ps1: BACKUP DATABASE voi INIT+COMPRESSION+CHECKSUM + retention 30d auto cleanup - .gitea/workflows/deploy.yml MOI: 4 job build BE (Windows) + build 2 FE (Ubuntu, pin .nvmrc 20) + deploy-iis qua WinRM PSSession (secrets IIS_HOST/USER/PASSWORD/JWT_SECRET/DB_CONNECTION) Docs guides MOI (4 file): - deployment-iis.md: prereqs (IIS features, Hosting Bundle, SQL, WinRM) + setup lan dau (app pool, 3 site, HTTPS win-acme, user-secrets) + deploy hang ngay (CI/CD + manual) + rollback + monitoring + troubleshooting + SPA web.config sample - cicd.md: pipeline overview 4 job, secrets setup, runner Windows+Ubuntu, branch strategy, build optimizations, common CI/CD issues - security-checklist.md: OWASP top 10 2021 mapping voi status + pre go-live checklist + incident response - runbook.md: daily ops (health/logs), restart/rollback, DB backup/restore/migration revert, user management (reset password, unlock, disable), monitoring (CPU/disk/connection pool), deployment checklist, common gotcha Frontend refresh token (ca 2 app fe-admin + fe-user): - lib/api.ts REWRITE: them REFRESH_KEY, axios response interceptor 401 → POST /auth/refresh → retry request goc. Queue pattern cho nhieu request song song chi 1 refresh call chay. Skip retry /auth/login + /auth/refresh tranh infinite loop. _retry flag tren original config. - contexts/AuthContext.tsx: luu+xoa REFRESH_KEY trong login/logout E2E verified: - GET /health/live → 200 Healthy - GET /health/ready → 200 Healthy (DB probe) - Rate limit flood 7 POST /auth/login → #1-5 HTTP 400 (cred sai) + #6-7 HTTP 429 Too Many Requests ✅ - TS check fe-admin + fe-user → pass - dotnet build → 0 errors Docs updates: - docs/STATUS.md: Phase 5 prep done, next Phase 5 deploy production + Phase 5.1 security hardening, cumulative stats 8 commits - docs/HANDOFF.md: phase table them Phase 5 prep row, file tree update voi guides + scripts + workflows, git state commit 8 - docs/changelog/migration-todos.md: tick Phase 5 prep items (12 items done) + Phase 5 deploy items remaining + Phase 5.1 security hardening list - docs/changelog/sessions/2026-04-21-1530-phase5-prep.md: session log chi tiet Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 12:57:12 +07:00
pqhuy1987	fe7ad8e4a3	[CLAUDE] Phase4: Report MVP + Docs Consolidation (rules, architecture, schema-diagram) ... Backend Report: - Application/Reports/Dtos/DashboardStatsDto: 5 KPI + PhaseCount + SupplierCount + ProjectCount + MonthlyValue - Application/Reports/Queries/GetDashboardStats handler: total/active/overdue/published this month/totalValueActive + byPhase + top 5 NCC/du an + 12 thang monthly (fill zero khi thang empty) - Application/Reports/Services/IContractExcelExporter interface - Infrastructure/Reports/ContractExcelExporter: ClosedXML workbook 10 cot, header style bold+blue, number format #,##0, formula SUM, auto-fit, freeze header - Application/Reports/Commands/ExportContractsToExcelCommand: filter phase/supplier/project/date range - Api/Controllers/ReportsController: GET /reports/dashboard, GET /reports/contracts/export - DI register IContractExcelExporter (Scoped) Frontend fe-admin: - types/reports.ts: DashboardStats type - components/BarChart.tsx: generic horizontal bar chart — chi Tailwind, khong thu vien ngoai - pages/DashboardPage.tsx REWRITE: 5 KPI card (FileText/TrendingUp/AlertTriangle/CheckCircle2/Coins) + by-phase bar + monthly 12-month chart + top 5 NCC + top 5 du an + skeleton loader - pages/ReportsPage.tsx MOI: filter phase/fromDate/toDate → export Excel button - Route /reports vao App.tsx E2E verified: - GET /api/reports/dashboard → 200 voi day du KPI + monthly fill 12 thang - GET /api/reports/contracts/export → 200 xlsx 7229 bytes (Microsoft Excel 2007+) Docs consolidation (theo yeu cau user): - docs/rules.md MOI: 9 section coding conventions (ngon ngu UI/code/DB/docs, BE Clean Arch, CQRS+MediatR, Validation FluentValidation, Error handling, Async, Entity rules, DI, Package pinning, FE React/TS erasableSyntaxOnly, path alias, TanStack Query, Permission guard, Toast+error, DB convention, Git commit format, Docs structure, Testing, Security) - docs/architecture.md MOI: layered overview ASCII art, request lifecycle (1 POST/api/contracts qua 10 step), workflow state machine 9 phase, permission model, data flow sequence diagram 4 actor (Drafter/Manager/CCM/BOD/HRA), deployment architecture Phase 5, skill library, non-functional table - docs/database/schema-diagram.md MOI: full ERD 19 table mermaid + data flow diagram + vong doi 1 HD (create → 7 transition → gen ma → publish) + index strategy table + relationship cardinality + soft delete behavior + SQL queries (inbox/dashboard/gen ma) + migration history - docs/gotchas.md UPDATE: 17 → 26 pitfalls, them section "Claude Code harness quirks" (Edit File not read, DI build pass nhung runtime fail) + "Contract workflow" (ma HD gen 2 lan, BE-FE NEXT_PHASES sync, race condition) + "Permission matrix" (cache real-time, MenuKey typo) - docs/STATUS.md: Phase 4 MVP done, docs entry points section liet ke het, next Phase 5 Production - docs/HANDOFF.md: phase table them Phase 4 row, file tree update voi Reports, test points day du, git state commit 7 - docs/changelog/migration-todos.md: tick Phase 4 MVP items + them iteration 2 list - docs/changelog/sessions/2026-04-21-1430-phase4-report.md: session log voi thong so cumulative (BE 3100 LOC, 30 docs) - CLAUDE.md root: update Tai lieu quan trong section them rules.md, architecture.md, schema-diagram.md, .claude/skills (13 links now) Bug fix: - TS unused import ContractPhaseLabel trong DashboardPage - DI thieu register IContractExcelExporter — build pass but runtime would fail (added) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 12:42:46 +07:00
pqhuy1987	7e957a7654	[CLAUDE] Phase3: Workflow MVP — 9-phase state machine + code gen + FE Inbox/Detail ... Backend Contracts domain (5 entities): - Contract aggregate: Phase (9 enum), SlaDeadline, MaHopDong, BypassProcurementAndCCM, DraftData, SlaWarningSent - ContractApproval: FromPhase → ToPhase, ApproverUserId (null = system auto-approve), Decision, Comment - ContractComment: thread theo Phase current - ContractAttachment: FileName + StoragePath + Purpose (DraftExport/ScannedSigned/SealedCopy) - ContractCodeSequence: Prefix PK + LastSeq — atomic gen EF configs: - Unique MaHopDong filtered [MaHopDong] IS NOT NULL - Indexes: Phase+IsDeleted, SupplierId, ProjectId, SlaDeadline, ContractId+ApprovedAt, ContractId+CreatedAt - Cascade delete Approvals/Comments/Attachments khi Contract xoa - Query filter IsDeleted - Migration AddContractsWorkflow (DB 19 tables) Workflow service: - IContractWorkflowService.TransitionAsync: - Adjacency check qua Transitions Dict<(from,to), roles[]> (12 transitions) - Role guard: user phai co role ∈ allowed - Admin bypass (role Admin pass moi check) - System bypass (userId=null + Decision=AutoApprove → cho SLA job sau nay) - Bypass CCM: BypassProcurementAndCCM=true cho phep DangInKy → DangTrinhKy skip phase 6 - Gen ma HD khi chuyen DangDongDau (idempotent — khong gen lai neu da co) - Reset SlaDeadline = UtcNow + PhaseSla - Insert ContractApproval row Code generator (RG-001): - 7 format theo ContractType: HDTP / HDGK / NCC / HDDV / MB + 2 framework (year prefix) - BeginTransactionAsync(Serializable) + ContractCodeSequences UPSERT → atomic - Idempotent: neu MaHopDong da co thi skip CQRS (8 feature, ContractFeatures.cs): - CreateContractCommand + Validator + Handler (set SlaDeadline = +7d) - UpdateContractDraftCommand (chi khi Phase=DangSoanThao) - TransitionContractCommand (delegate → WorkflowService) - AddCommentCommand (phase = hien tai) - ListContractsQuery (PagedResult + filter phase/supplier/project/search) - GetMyInboxQuery (map Phase → actor roles, filter theo role user) - GetContractQuery (detail + approvals + comments + attachments + resolve user names) - DeleteContractCommand (soft, block > DangInKy) Controller: - ContractsController 8 endpoint: GET list/inbox/detail, POST create/transition/comment, PUT update, DELETE Frontend fe-admin (2 page moi): - types/contracts.ts: ContractPhase const + Label + Color maps + types - components/PhaseBadge.tsx - pages/contracts/ContractsListPage.tsx: filter phase + search + click → detail - pages/contracts/ContractDetailPage.tsx: 2-col layout (info+comments | timeline), action dialog select target phase + comment Frontend fe-user (4 page moi + 14 file shared): - cp 14 file shared tu fe-admin (menuKeys, types/*, DataTable, PhaseBadge, Dialog, Textarea, Select, apiError, usePermission, PermissionGuard) - AuthContext update: load menu tu /menus/me + cache - Layout: menu fixed 3 muc + user info + roles display - InboxPage: list HD cho role user xu ly (sort theo SLA) - ContractCreatePage: form chon loai + template + NCC + du an + gia tri + bypass CDT - ContractDetailPage: duplicate fe-admin pattern (convention) - MyContractsPage: list HD cua toi - App.tsx: 4 route moi E2E verified: - Setup Supplier + Project - POST /contracts → 201 + phase=2 - POST /contracts/{id}/transitions x7 → di het 9 phase - Final: MaHopDong = "FLOCK 01/HĐGK/SOL&PVL2026/01" dung format RG-001 - Approvals: 7 rows audit day du Docs: - .claude/skills/contract-workflow/SKILL.md: placeholder → full spec voi state machine, SLA table, role matrix, 7 code format, code pointers, API, E2E workflow, pitfalls - docs/changelog/sessions/2026-04-21-1330-phase3-workflow.md: session log - docs/STATUS.md: Phase 3 MVP done, next Phase 4 - docs/HANDOFF.md: update phase status + file tree + commit log + testing points - docs/changelog/migration-todos.md: tick Phase 3 MVP items + add iteration 2 list Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 12:26:09 +07:00
pqhuy1987	5113e4c771	[CLAUDE] Phase2: Form Engine MVP + docs (gotchas, skill, handoff) ... Backend Forms: - Domain/Forms: ContractTemplate (FormCode, Name, ContractType, FileName, StoragePath, Format, FieldSpec JSON, IsActive) + ContractClause - EF config voi unique FormCode + query filter IsDeleted - DbSets + IApplicationDbContext update - Migration AddForms (bang 14 total) - Packages: DocumentFormat.OpenXml 3.x + ClosedXML 0.105+ - Application/Forms: - IFormRenderer interface + RenderResult record - FormFeatures.cs: List/Get/Render CQRS - IWebHostEnvironmentLocator (abstract IWebHostEnvironment) - Infrastructure/Forms: - DocxRenderer: OpenXml-based placeholder {{field}} replace, handle split runs (gom text tat ca <w:t> trong paragraph, replace, gan lai text dau + clear rest) - XlsxRenderer: ClosedXML cell value replace - FormRenderer router theo format docx/xlsx - Api: - FormsController: GET /templates (filter type, onlyActive), GET /templates/{id}, POST /templates/{id}/render (return file) - WebHostEnvironmentLocator impl - DbInitializer SeedContractTemplatesAsync: seed 8 template metadata, IsActive=true chi khi file ton tai Templates vat ly: - Copy 5 .docx/.xlsx tu FORM/ sang wwwroot/templates/ - 3 .doc (FO-002.02/03/06) chua convert: IsActive=false (Word COM bi stuck luc test, can retry voi DisplayAlerts=0 hoac LibreOffice) - scripts/convert-doc-to-docx.ps1 (Word COM automation) Frontend fe-admin: - types/forms.ts: ContractTemplate + ContractTypeLabel - pages/forms/FormsPage.tsx: list templates + Render dialog (paste JSON data → download .docx/.xlsx) - Route /forms them vao App.tsx Bug fix: - SpaceProcessingModeValues namespace: wrap EnumValue<> full path - SaveAs2($path, 16) thay vi SaveAs([ref], [ref]) — PowerShell type issue - Word COM stuck: kill process, skip .doc cho MVP Docs (theo yeu cau user): - docs/gotchas.md MOI: 17 pitfalls nhom theo tech stack / EF Core / OpenXml / JSON / dev workflow - .claude/skills/form-engine/SKILL.md: placeholder → full spec (algorithm + code pointers + API + limitations) - .claude/skills/permission-matrix/SKILL.md: placeholder → full spec (BE policy + FE guard + seed + pitfalls) - docs/HANDOFF.md MOI: brief 5 phut cho session sau (run quickstart + where we are + next steps + file tree + gotchas ref) - docs/STATUS.md: update cumulative stats + next up Phase 3 - docs/changelog/migration-todos.md: tick Phase 2 iteration 1 items + add iteration 2 list - docs/changelog/sessions/2026-04-21-1200-phase2-form-engine.md: session log - CLAUDE.md root: them reference den gotchas + HANDOFF E2E verified: - GET /api/forms/templates (onlyActive=false) → 8 templates - POST /api/forms/templates/{FO-002.05}/render voi data dict → HTTP 200 + file .docx 482KB (Microsoft Word 2007+ OK) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 12:01:11 +07:00
pqhuy1987	54d6c9ba52	[CLAUDE] Phase1.2: CRUD Master + Permission Matrix + FE admin pages ... Backend: - Domain/Master: Supplier (+ SupplierType 5 loai), Project, Department (AuditableEntity) - Domain/Identity: MenuItem, Permission, MenuKeys const (12 menu) - EF Configurations voi unique Code + query filter IsDeleted - DbSets + IApplicationDbContext interface update - Application: PagedResult + PagedRequest generic - Application/Master CQRS CRUD 3 entity (Create/Update/Delete/Get/List voi paging search sort) - Application/Permissions: GetMyMenuTree (union OR role, filter tree), ListMenuItems, ListPermissionsByRole, UpsertPermission (guard admin khong tu giam quyen), ListRoles - Api/Authorization: MenuPermissionRequirement + Handler (Admin bypass, query DB) - Program.cs: register 48 policy {menu}.{action} tu MenuKeys x Actions - Api/Controllers: Suppliers, Projects, Departments, Menus, Roles, Permissions - DbInitializer: seed 12 menu + admin full CRUD permissions - Migration AddMasterData + AddPermissions Frontend (fe-admin): - Types: menuKeys.ts const, menu.ts (MenuNode/Role/Permission), master.ts (Supplier/Project/Department + SupplierType const-object) - AuthContext: load menu from /menus/me, cache localStorage, refreshMenu() - usePermission hook + PermissionGuard component (wrap button) - UI kit them: Dialog (modal overlay), Textarea, Select - Generic: DataTable (column config, sortable, loading, empty) + Pagination - PageHeader component - apiError helper extract message tu ProblemDetails - Layout rewrite: render menu dong tu AuthContext.menu (MenuGroup collapsible + NavLink + lucide icon map) - Pages: master/Suppliers, master/Projects, master/Departments (CRUD + search + sort + paging + Dialog form) - Page system/Permissions: ma tran Role x MenuKey x CRUD checkbox (tick tu dong PUT upsert) - App.tsx them 4 route moi Bug fix: - MenuPermissionHandler: EF expression tree khong support switch expression -> tach switch ra ngoai AnyAsync - TS erasableSyntaxOnly khong cho enum -> SupplierType const-object pattern (typeof[keyof]) E2E verified via Vite proxy: - GET /menus/me -> 6 root + 6 child nodes (12 menus) - GET /roles -> 12 roles - POST/GET/PUT/DELETE /suppliers -> full CRUD, soft delete OK - tsc -b fe-admin pass Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 11:30:14 +07:00
pqhuy1987	702411fcc8	[CLAUDE] Phase1: foundation - BE Clean Arch + Identity + JWT + 2 FE React + login E2E ... Backend (.NET 10): - Domain: BaseEntity/AuditableEntity, ContractType/Phase/ApprovalDecision enums, User/Role (Identity<Guid>), AppRoles (12 const) - Application: IApplicationDbContext/ICurrentUser/IDateTime/IJwtTokenService, custom exceptions, ValidationBehavior (MediatR pipeline), Auth CQRS (Login/Refresh/Me), DependencyInjection - Infrastructure: ApplicationDbContext (IdentityDbContext), AuditingInterceptor (auto audit + soft delete), DbInitializer (seed 12 role + admin), DesignTimeDbContextFactory, JwtTokenService, DateTimeService, DI - Api: CurrentUserService, GlobalExceptionMiddleware (ProblemDetails), AuthController, Program.cs rewrite (Serilog + JWT + CORS + Swagger), appsettings + launchSettings (port 5443) - Migration Init applied to SolutionErp_Dev LocalDB Frontend (React 19 + Vite 8 + Tailwind 4): - fe-admin (:8082 blue) + fe-user (:8080 emerald) - shared structure, khac menu + brand color - Tailwind 4 via @tailwindcss/vite plugin, theme brand colors - AuthContext (localStorage token), ProtectedRoute, Layout (sidebar + header) - UI kit: Button/Input/Label (CVA + Tailwind) - LoginPage voi toast error, DashboardPage/InboxPage placeholder - Axios interceptor: auto Bearer + 401 redirect - TanStack Query client, React Router 7, Sonner toast Package downgrades (do .NET 10 / TS 6 compat): - MediatR 14 -> 12.4.1 (v14 breaking changes) - Swashbuckle 10 -> 6.9.0 (v10 khong tuong thich OpenApi 2) - Removed Microsoft.AspNetCore.OpenApi (conflict voi Swashbuckle) E2E verified: POST /api/auth/login qua Vite proxy ca 2 FE -> JWT + user info Credentials seed: admin@solutionerp.local / Admin@123456 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 10:59:44 +07:00
pqhuy1987	25dad7f36f	[CLAUDE] Scaffold: khoi tao SOLUTION_ERP Phase 0 ... - .NET 10 Clean Architecture: Domain/Application/Infrastructure/Api (4 project) - 2 React + Vite + TS app: fe-admin (:8082), fe-user (:8080) voi proxy /api - Node engines >=20, .nvmrc = 20 cho CI (bai hoc NamGroup) - SQL Server 2022 qua docker-compose (dev) - Parse 8 FORM -> docs/forms-spec.md (catalog + ma HD format RG-001) - Parse QUY_TRINH -> docs/workflow-contract.md (9 phase state machine + role matrix) - docs: CLAUDE.md, STATUS.md, PROJECT-MAP.md, migration-todos.md (roadmap 5 phase) - .claude/skills: 3 placeholder (contract-workflow, form-engine, permission-matrix) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-21 10:37:34 +07:00